Advisories

To maintain data center network availability and minimize the downtime, it is critical for network operators to ensure that their network infrastructure is built with up-to-date switch platforms and is running the right versions of software. It requires periodic and thorough audits of the entire infrastructure, which is historically a manual and time-consuming task. Cisco Nexus Dashboard Insights turns this task into an automated process, using digitized signatures to determine the vulnerability exposure of the network infrastructure at the click of a button.

Cisco Nexus Dashboard Insights scans the entire network to collect the complete information on its hardware, software versions, and active configuration. It then runs analysis against the digitalized database of known defects, PSIRTs, and field notices to identify the relevant ones that can potentially impact the particular network environment, matching on its hardware and software versions, features and topologies, and so on.

It then proactively alerts the network operators of the identified vulnerabilities and advises them on the right hardware and/or software versions for remediation. It also analyzes and advises on whether the network is running any out-of-date hardware or software based on Cisco product EOL or EOS announcement and schedule.

For any of the discovered issues, Cisco Nexus Dashboard Insights lists the impacted devices, vulnerability details, and mitigation steps (aka advisories). With the advisories, it recommends the best software version for the resolution and the upgrade path—either a single-step upgrade or through intermediate software versions. It also reveals the impact of the upgrade, either disruptive or nondisruptive, so that the operators can proactively plan for the upgrade accordingly.

With the automated scanning, network-context-aware vulnerability analysis, and actionable recommendations, the advisory function in Cisco Nexus Dashboard Insights makes it so much easier for the operation team to maintain an accurate audit of the entire network and avoid the downtime due to product defects or PSIRTS by getting proactive alerts and taking preventive remediation actions. Figure 2-15 shows an advisory for a field notice.

Figure 2-15 Advisory for a field notice

Firmware Update Analysis

Before an upgrade is performed, multiple validations need to be performed. Similarly, after an upgrade process, multiple checks help to determine the changes and the success of the upgrade procedure.

The Firmware Update Analysis feature suggests an upgrade path to a recommended software version and determines the potential impact of upgrading. It also helps with the pre-upgrade and post-upgrade validation checks.

The Firmware Update Analysis feature offers the following benefits:

• Assists in preparing and validating a successful upgrade of the network

• Provides visibility on the pre-upgrade checks

• Provides visibility on the post-upgrade checks and the status after the upgrade

• Minimizes the impact to the production environment

• Provides visibility as to whether the upgrade process is a single step or multiple steps

• Displays the bugs applicable to a specific firmware version

Figure 2-16 shows a firmware upgrade recommended by Cisco Nexus Dashboard Insights.


Figure 2-16 Firmware upgrade recommended by Cisco Nexus Dashboard Insights

Firmware Upgrade Analysis provides a list of intermittent upgrades to get to the destination software, along with upgrade impact and release notes for each release linked directly in Cisco Nexus Dashboard Insights. Figure 2-17 shows Firmware Upgrade Analysis.

Figure 2-17 Firmware Upgrade Analysis