Our management wants to know twice a week which of our networking equipment like our Cisco ASA firewalls, routers are missing patches for the vulnerabilities.They also would like a report when needed on a short notice like 30 minutes before a meeting.
I know a networking team member can go to each networking equipment, log in to the device, open a command line interface, get the version of software running and see if that is the latest version released by Cisco or not, but this is a manual process and we have lot of Cisco devices so doing this would take up lot of time from the networking team. We have around 400 networking devices (switches, routers, access points, controllers, ASA firewalls) mostly Cisco and some Palo Alto equipment.
We have Solarwinds modules NCM, NPM, SEM, SAM, VNQM, NTA, engineer's toolset which are on version 2019.4
1. Is there a quick way using the Solarwinds modules we have to determine patch levels of our networking equipment, ASA firewalls, Aggregation Services Routers, VPN concentrators, Firepower Threat Defense etc. to
see which device is vulnerable to which vulnerabilities which are shown by CVE numbers like CVE 2020-3452?
2. If so, how? Our networking team is understaffed so does not have time to figure out how to do this using the Solarwinds modules we have. If they are given step by step instructions on how to do this, they may configure it for us. This is to make sure a vulnerability like CVE 2020-3452 is patched in a week or sooner and if takes longer than a week, management is aware so they can assign more resources to the networking team, change project priorities etc.
3. Can we set up automated reports using the Solarwinds modules we have so we know our ASA firewall is vulnerable to CVE XYZ which was released yesterday? If so, how?
Our networking team is understaffed so does not have time to figure out how to do this using the Solarwinds modules we have. If they are given step by step instructions on how to do this, they may configure these reports for us. This is to ensure we are addressing latest vulnerabilities and can know how quickly the devices are patched.
4. How else can we ensure we are aware of latest vulnerabilities released for Cisco, Palo alto using the Solarwinds modules we have?
The networking team is overwhelmed with their daily project work in addition to patches which are released sporadically.
In NCM you can see all the info you want.
There is prebuilt reports like "Current IOS Image and Version" and "Vulnerabilities for each node" that you can start with and schedule if requested.
That is a start for you, good luck.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.