Cisco Bug: CSCvt95146 - Cyber Vision Center should improve the component with the help of radius protocol
May 19, 2020
- Cisco Cyber Vision Appliances
Known Affected Releases
Symptom: The Cyber Vision component creation needs to improve due to the following reasons: Inter-Cell traffic: This traffic flows across the cells. During this flow, the mac-address changes as the packet are switched across the subnets. In can very well happen that there could be multiple sensors or a single sensor attached to both the subnets that will see that same IP address mapped to different mac-addresses. The problem is, how does the Cyber Vision Center determine the source of the flow. The Cyber Vision team initially came with a recommendation that we should not connect multiple subnets to the same sensor. However, this may not be desirable in the real world, considering the cost of deploying sensors in the network. Inter-Zone traffic: This traffic comes from a higher level zone to the Cell/Area Zone. We need to improve the component creation at the Cyber Vision for these traffic flows. For example, the ISE component is shown more than ten times because there is a radius session between ISE to different IE switches. Conditions: When Cyber Vision sensor is capturing traffic for the inter-cell and intra-zone traffic then it needs a way to identify the source of the traffic, for better creation of the components.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases