Comments
-
Jamie - I'm revisiting this to see if anything has changed in CiscoLand. I've checked several ASA's for 1.3.6.1.2.1.4.35 via show snmp-server oidlist, and I get nothing. I've also tried ipNetToPhysicalEntry via the Toolset MIB Viewer, and get ** unsupported OID **. I checked the following models and versions: * ASA5510…
-
I like Aaron's post above. It used to be (5 years ago?) the recommended procedure for virtualizing DB servers was simply don't do it. The rationale was that no amount of hardware, RAM and disk could compete with a properly configured standalone database server with local RAID10, etc. I did it once long ago with SolarWinds.…
-
I also had trouble with Top Talkers firing too often no longer able to email a web page. We should do a separate thread to follow up on that, I think.
-
I've heard that said numerous times over the last 20 years, usually right after some upgrade to some Software Device Manager or API for a particular product line. It's clearly the Tower of Babel. GUIs are inherently non-auditable. One control could affect or interact with multiple settings. Use of ASDM to configure an ASA,…
-
The random ports are not anything above 1024. These ports are called Ephemeral Ports. The range depends on the OS version. Windows 7, and W2K8 and beyond, as well as properly patched W2K3 use IANA spec of 49152-65535. Older W2K3 and XP used 1024-5000. Some versions of *nix vary. Ephemeral port - Wikipedia, the free…
-
This has been a problem for over 10 years. It's definitely gotten better, though - we don't lose all of our settings now. Just one remains to be solved for us - the IP address. One thing I notice is that the dialog box is somewhat unclear: Our policy is to avoid binding to All Unassigned because it is a security risk and…
-
@"mak3" It's not my email, it's all the other info like place of Organization and Phone Number that help target a phish.
-
It's good to see that info at install time. Now, if we could get this info onto the Orion Platform Details Page, that would help all customers later discuss what versions and hotfixes they have when discussing symptoms in Thwack. We shouldn't have to do a query or decode a string of numbers to translate into the friendly…
-
The last I checked a year or so ago, APC/Schneider only supports INI file transfer via FTP. Many sites ban FTP for security reasons the same as they do Telnet. I've had some luck with passing commands and saving output via SSH. It's not the full INI, though.
-
There are klugey ways to use NCM to twiddle the FTP setting, and then push the firmware from a Windows command line script, but I have not automated it. There is a standalone APC/Schneider tool, FW_R2_Upgrade.exe, that can upgrade multiple devices once FTP is enabled on the devices. But it lacks the intelligence to prevent…
-
deverts - I agree. Also note that NCM used the older CVSS V2 scores. It would be even handier if there was a built-in calculator where we could check off nodes interactively. Getting started with the NCM Vulnerability feature appears impossibly difficult to some people - too much to research. So cutting some things down…
-
Can I buy a clue as to how to find Technical Topics Live Chat?
-
If NPS were useful, then CIsco's web site would be, too. They must have a thousand survey results from me over the years ... There's clearly a disconnect in some companies between the visionary C-levels and the people building the world. We've had decades of ergonomics and user experience journal articles, but things are…
-
1. Where I work right now - federal govt - we are incredibly siloed. But I have experience going back decades - before Cisco and routers and switches and firewalls, and even Microsoft. I've also worked in smaller shops where "Network" meant "anything that's not the PC itself." 2. Having multiple skills in a silo threatens…
-
This is still a problem with the JMX service on NPM12 with HotFix 2 and SAM v6.2.4 CU4. Fresh reinstalls may restore the unquoted path. This is a pain for government customers, who generally get scanned by Nessus regularly, and this is flagged as a High severity vulnerability by Note that Nessus rather mindlessly simply…
-
I'm curious to know what vendor's devices support AES512.
-
Doc! Doc! It was all incredibly detailed at 8:30pm after a long day of migrating like a lost Canada goose .... Until step 19 b. "Select a directory that already exists." Wha? So, should I have created a new db directory under the previous root, D:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\ or…
-
Even though this workaround does indeed work, it's counter-intuitive. It would be more logical to add a box on the device page in NPM to add the node to or remove the node from NCM And similarly within NCM to add or remove from NPM. Better yet, have a single device management interface with columns for the various plugins.…
-
I am not inclined to register for this because the registration requires disclosure of far too much PII:
-
One of the things we tried to do right off the bat was get a census of our CPU vendors - Intel vs AMD. We ran into trouble with anything other than WIndows, though. Of course, this is a problem that all NMSes face. Each OS reports things in different ways. OIDs can move from version to version and model to model. My dream…
-
That's an undated documented, and I've left feedback asking them to date it and revise as needed.
-
I am concerned that registration databases for events are hosted externally, or at least not as well secured. They provide a valuable target for hacks and later phishing attacks. Please just ask for an email address.
-
Smoothest NPM upgrade yet. Really happy with the Product Upgrade Advisor. Really happy with new UI and NetPath capability. This is definitely a must have upgrade. The only NPM glitch I'd like to whine about is that HTTPS binding for the NPM web site on the Website Settings dialog is still crazy after all these years. Even…
-
I don't see a template as of SAM 6.7.1. NPM discovers it as a basic Linux node via SNMPv3. There are minimal CLI startup-config and running-config files, but 99% of the configuration is in other files and databases. There is probably a way to get at the other files via the CLI, but I think Cisco feels it's antithetical to…
-
From time to time, I wonder how much reconnaissance can be done by reading support forums. Device models, methods, and more could be disclosed, especially in regard to security.
-
Is a recording of the webinar available?
-
My dad was a systems analyst for Chrysler on the Saturn1B rocket. He used to bring big Honeywell coding sheets home, and we'd draw and paint on the plain reverse side. When I joined the USCG in 1975, I asked the recruiter if they had computer specialists. He said, "Sure.' Turned out there was only about a dozen. But I…
-
Was it a despair.com poster?
-
RE: IoT It's bad enough that voting machines and back-end voting software is so easy to hack, but commercial power systems that use IoT are also a disaster waiting to happen. The industry lacks standards. Customers do not demand standards. There's your problem. As an old curmudgeon, I don't want IoT anywhere near my…
