Queries regarding Solawionds NCM firmware vulnerability for managed Cisco devices

HI All.

We are currently evaluating NCM, and have q few questions around firmware vulnerability management.

Even though we take backup of running and start up configs through NCM, it does not seem to scan the backed up configs and tell us actually impacting vulnerabilities.

Instead, it flags any potential vulnerabilities based on the platform (e.g. IOS-XE) and the running version.

I'd then run system diag scan on CLI analyser on devices and verify whether flagged vulnerabilities are benign or actual.

Just in case I'm not missing anything, this is expected behaviour and we just need to verify devices flagged to have vulnerabilities and select one of the available the state?

Confirmed vulnerability

Not applicable

Remediation planned

Remediated

Waiver

Many thanks,

Find more posts tagged with

solarwinds

ncm - network configuration manager

vulnerability

Accepted answers

All comments

verwin_u

Hi @akanechan

NCM validates it base on ios versions and config settings. If vulnerability report seems questionable. You also need to validate if you have the correct MIST Vulenrability data source.

Reference:

https://documentation.solarwinds.com/en/success_center/ncm/content/ncm-managing-firmware-vulnerability-settings.htm

You may also seek assistance from sw ssupport geek for much appropriate assistance. SW Academy is also good start for SW mastery.

Reference:

https://customerportal.solarwinds.com/virtualclassrooms

kpina

Hi there - this question is best placed in the SolarWinds Observability Self-Hosted forum. I've moved it for you.