cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

NCM - End of Life/Vulnerabilities

Hello

Its been a while since I have been up here. We recently has NCM installed on our Orion platform. Im still getting familiar with a lot of it. I think two of the main things I want to be able to do is to identify end of live devices and notify us of any Cisco vulnerabilities from a security standpoint. I have a couple of switches imported into it already but im sure I will have to get them all in NCM in order to track and inform me of this info. I work at a pretty decent sized place and we have around 150 or so switches and some routers. So if I could get this set up I feel it would be a great benefit in keeping up with so much stuff. Im still researching all this but I was just wondering if anyone else is using this and is it worth it to set up?

Thanks

Rob

0 Kudos
4 Replies

Hi, did you ever get any responses on this?  I would also like that ability as we have a large number of Cisco devices.

0 Kudos

NIST stopped publishing their vulnerability feed a few weeks ago in the format the NCM was taking it, so the vulnerability feed feature is not currently working.  You can still do EoL stuff as described in the admin guide.

- Marc Netterfield, Github
0 Kudos

Not only NIST stop publishing the vulnerability feed in the XML format, even worse is that Solarwinds announced that the vulnerability feature maybe get removed entirely...

Network Configuration Manager 2019.4 Release Notes

However, until that its still possible to get the "new" json feed and import it into NCM. But you have to do it manually / via script. Im currently working on a solution to import it automatically for some customers.

If i have the time i will post the workaround here on thwack.

Best Regards

Rene

0 Kudos

ok thanks so much, Im going to talk with my fellow Network Engineer at one of our other locations to see what they will be doing

0 Kudos