Wednesday, April 27, 2011

Use Cisco IOS Software Checker to Manage Vulnerabilities

Yesterday, Cisco announced a new security tool called the Cisco IOS Software Checker that allows administrators and support providers to quickly identify exposure to software vulnerabilities that have been announced by Cisco through Security Advisories and their PSIRT response team.

This can aid risk assessment efforts by reducing the labor and time involved in scouring historical security advisories, or maintaining an archived list of vulnerabilities that affect deployed platforms and software versions in your environment.

The tools is very easy to use, and the results appear accurate (although Cisco does reiterate that this tool does not replace the list of affected software versions and fixed versions listed in individual security advisory notices).

Note - This tools currently only supports devices running Cisco IOS software. Platforms such as the Wireless LAN Controllers or Adaptive Security Appliances are not supported.

To access the tool, navigate to the Cisco Security Center from the Cisco Homepage > Support > Cisco Security Center > Resources > Cisco IOS Software Checker.

Step 1 - Select the method to use within the tool
Three options exist:

  1. Search by Cisco IOS Software Release - Select one or more software versions from the list.
  2. Use Show Version Command Output - Copy and past the "show version" output from a device.
  3. Upload a Text File from Your Local Workstation - If you have multiple software versions that you need to check, you can upload a file from your workstation that includes this list.

Step 2 - Select the Security Advisories to Search
This may include all previous security advisories, only the latest bundle, or a list of specific advisories.


Step 3 - Review the Results
A list of security advisories that affect the selections made in steps 1 and 2 are displayed for review.


This example shows the results for Cisco IOS version 12.3(8)JEA3 for Aironet wireless access points and all previous security advisories.

Revolution or Evolution? - Andrew's Take
This tool provides an easy method to review vulnerabilities that affect current software versions deployed in your environment, with links to each security advisory for more detail. Use this tool as a first step in assessing the risk to your environment, determining priorities, and developing action plans to remediate those risks.


Cheers,
Andrew

No comments:

Post a Comment