Cisco Active Advisor can test your network setup against Cisco's Enterprise Security Baseline for LAN, Wireless LAN, and WAN white paper and Cisco Catalyst 3850 Series and Cisco Catalyst 3650 Series Switches Best Practices Guide.


To use this functionality in Cisco Active Advisor please select the “Security Health” button from the main menu. You will see a screen similar to:




To create a new report you need to follow the steps below.

  1. Enter a report name.
  2. Select a Distribution Type (VSS or Stackwise).
  3. Select the topology you have (3 Tier or 2 Tier).
  4. Select a device filter if desired (your devices must have labels for this dropdown to be populated).
  5. You then need to select the proper devices for each tier, if you selected 3 tier, at least one core, distribution and access switch must be selected. If you selected 2 tier then at least one distribution and access switch must be selected.
  6. Once you have a valid name and selected switches the "Analyze Now" button will become active. You can then click on it to create your new report. It will show up on the right hand reports list once it is complete.
  7. Click on the gear to enable or disable rules for all tests (globally).
  8. If you would like to see the report details click on the report line. If you want to delete the report you can click on the trash can at the end of the line.


The device list for each tier will automatically be populated with devices that you have already scanned. So you want to make sure you have already scanned the needed devices in your network.

 

We currently support the following devices in each tier:

 

Core (All network types)

  • Cisco Catalyst 6800 Series Switch (Must have Sup2T module installed, except C6880-X and C6840-X)
  • Cisco Catalyst 6500 Series Switch (Must have Sup2T module installed)

 

Distribution (VSS network type)

  • Cisco Catalyst 6800 Series Switch (Must have Sup2T module installed, except C6880-X and C6840-X)
  • Cisco Catalyst 6500 Series Switch (Must have Sup2T module installed)
  • Cisco Catalyst WS-C4500R+E Series Switch
  • Cisco Catalyst WS-C4500X Series Switch
  • Cisco Catalyst WS-C3850 Series Switch
  • Cisco Catalyst WS-C3750X Series Switch

 

Distribution (StackWise network type)

  •  Cisco Catalyst WS-C3850-XS Series Switch


Access (VSS network type)

  • Cisco Catalyst 4500 Series Switch
  • Cisco Catalyst 3850 Series Switch
  • Cisco Catalyst 3650 Series Switch
  • Cisco Catalyst 3750-X Series Switch
  • Cisco Catalyst 3560-X Series Switch
  • Cisco Catalyst 3560-C Series Switch
  • Cisco Catalyst 2960 S/X/XR Series Switch
  • Cisco Wireless Services Module WS-SCV-WISM2
  • Cisco Wireless LAN Controller AIR-WLCxx
  • Cisco Wireless LAN Controller AIR-CTxx


Access (StackWise network type)

  • Cisco Catalyst 3850 Series Switch
  • Cisco Catalyst 3750-X Series Switch
  • Cisco Catalyst 3650 Series Switch
  • Cisco Catalyst 3560-X Series Switch
  • Cisco Catalyst 3560-C Series Switch
  • Cisco Catalyst 2960 S/X Series Switch
  • Cisco Wireless Services Module WS-SCV-WISM2
  • Cisco Wireless LAN Controller AIR-WLCxx
  • Cisco Wireless LAN Controller AIR-CTxx


Once the report is generate you can click on the report line you would like to see and it will take you into the report details page. 


Controls on the report details page:

  1. Click this button to return to the main reports listing page
  2. You can click on each of the graphs and it will show only that information on the right best practice tests plane or take you to the category/sub-category list, see screen shot below.
  3. If you want to see the report history click on the "History" button, it will show all previous scores and dates.
  4. If you would like to regenerate the report click on the "Regenerate Button"
  5. If you want to delete this report you can click on the "Delete Report" button.
  6. If you want to see the information in the CVD for this test click on the link and a new page will open to the CVD and proper section


This screen shot shows what the sub-category screen looks like:


Controls on the sub-category page

  1. Click on the "Overall" link to return to the reports page or any underline link to go back to a level.
  2. You can click on any of the graphs and the right hand list will only show the selected tests.

This screen shows what the "gear" options are for:


You have "Apply Rule" and "Rule Results"

  • The "Apply Rule" will enable for disable the rule but only for this report, if you want it disabled/enabled globally you need to use the method that was described earlier.
  • The "Rule Results" will show you the test results details, including the devices tested and if the device passes for failed.


This screen shows the report history:


This screen shows you the score, date and time that the reports has been run or regenerated. You can click on the eye to switch and see a particular report.