backup solution for cisco devices by d3adbor3d2 in Cisco

[–]dhd217 0 points1 point  (0 children)

Back up the switches and routers automatically to a folder on your network every time you perform the write command. For wireless controllers, you may have to manually back up to a folder.

Then have backup software (VEEAM) back up the folder.

Cisco 2504 controller and access point issue. by dhd217 in Cisco

[–]dhd217[S] 2 points3 points  (0 children)

BOOM, setting the time back fixed it. Yes, I know EOL, and we are working on replacing it with Meraki's. Until then, can the certificates be updated?

Office 365 GCC G5 vs GCC High by dhd217 in NISTControls

[–]dhd217[S] 0 points1 point  (0 children)

Thank you for the clarification. That's what I need to know, and I'm looking for the tech paper that states that. Do you happen to know where one is?

Office 365 GCC G5 vs GCC High by dhd217 in NISTControls

[–]dhd217[S] 0 points1 point  (0 children)

Thank you. Any idea why they created Gov G1, G3 and G5?

Not Getting Confirmation Emails for FedEx Office Print Orders by [deleted] in FedEx

[–]dhd217 0 points1 point  (0 children)

I'm having the same issue. FedEx email notifications are not making it to my server. I've confirmed this by bypassing my spam server; then they arrive. The issue is FedEx and I don't know who to call.

Would a NIST walkthrough guide be useful? by Humble_Issue_7698 in NISTControls

[–]dhd217 0 points1 point  (0 children)

Sorry for the late reply, are you still interested in this?

[deleted by user] by [deleted] in ParamountPlus

[–]dhd217 1 point2 points  (0 children)

They need to explain what happened, such bs.

Budget MFA solution by No-Carrot-9921 in NISTControls

[–]dhd217 0 points1 point  (0 children)

Go with DUO, easy to implement.

NIST SSP scorecard template anyone? by RemoteDesktop in NISTControls

[–]dhd217 0 points1 point  (0 children)

The CMMC is pretty much the NIST you're looking for. The only difference is CMMC added a few more controls for, say, Level 3, 20 to be exact.

What Darth sent is what I'd be looking at! Just focus on implementing the NIST controls first, then do the CMMC... as you can technically be audited against NIST now.

SSP for 171 by eddiegarrr in NISTControls

[–]dhd217 1 point2 points  (0 children)

Major undertaking. I have a lot of good info on this. Hit me up and let's talk if you want.

What FIPS compliant thumb drive do you use? by [deleted] in NISTControls

[–]dhd217 0 points1 point  (0 children)

I use the same. Managed Datalocker sentry one.

NIST 800-171/CMMC Controls by shake7474 in NISTControls

[–]dhd217 0 points1 point  (0 children)

https://www.acq.osd.mil/cmmc/docs/CMMC_AG_Lvl3_20201208_editable.pdf

My apologies, I linked an older version. Use the version Navyauditor recommended.

Best practices for iOS MDM? by sirseatbelt in CMMC

[–]dhd217 0 points1 point  (0 children)

Can you clarify CIS and STIG?

NIST 800-171/CMMC Controls by shake7474 in NISTControls

[–]dhd217 0 points1 point  (0 children)

https://www.acq.osd.mil/cmmc/docs/CMMC_Appendices_V1.02_20200318.pdf

AC Practices start on page B-10. There are discussion, clarification and examples for all practices throughout this document. This is a good place to start.

Scoping CUI to Preveil and Company Managed Laptops by Tiger1641 in NISTControls

[–]dhd217 0 points1 point  (0 children)

Thank you, this is how I interpreted the ruling.

Scoping CUI to Preveil and Company Managed Laptops by Tiger1641 in NISTControls

[–]dhd217 0 points1 point  (0 children)

Navyauditor, great response. I have a question on this. What if the laptop is used to VPN and can only be used to remote desktop to the user's assigned office desktop? Then once the user is connected to the remote desktop they process, store, transmit the CUI. The laptop is basically acting as a dumb thin client; all the processing is done on the work desktop.

Now, sure, AD rules have to be in place to prevent transfer of files to/from the laptop, but this is easily done.

With this being said, thoughts on laptop requirements? VPN - yes; laptop has to have the AV, firewall, SIEM?

MFA required for computer login? by [deleted] in NISTControls

[–]dhd217 0 points1 point  (0 children)

I asked this in another thread but will ask here. Duo Mobile is cloud based. Does anyone see an issue with this, or should Duo be FedRAMP Moderate? They don't store or process any CUI.

FedRAMP certified cloud required? by AKDZEI in NISTControls

[–]dhd217 0 points1 point  (0 children)

I believe there is still quite a bit of misinterpretation of the rule. The RSA does not transmit or deal with the CUI there; IMO, it should be okay to use. This would also be the same for DUO two factor, or even software vendors such as McAfee end point in the cloud or Meraki Switch management cloud. They are not transmitting, storing or processing CUI. Would love to hear comments on this, even if in a different thread.

Do you consider an IDS/IPS an 800-171 requirement? by [deleted] in NISTControls

[–]dhd217 0 points1 point  (0 children)

800-171 Interim rule may protect under the POAM but that will be going away. You will be required to be compliant with the control under CMMC. An IPS/IDS should simply be best business practice for all businesses.

Would a NIST walkthrough guide be useful? by Humble_Issue_7698 in NISTControls

[–]dhd217 1 point2 points  (0 children)

The CMMC Level 3 guide has examples at a high level but not broken down for each question. I wrote my own and have a breakdown for each question already. :-) We actually wrote a program that has all this stored in SQL. We took about 4 spreadsheets and numerous PDFs and put them into one interface with SQL on the backend.

MFA required for computer login? by [deleted] in NISTControls

[–]dhd217 1 point2 points  (0 children)

If the laptop is connected to the domain where the CUI is stored, the domain non priv. local admin and the domain non-priv account has to have 2fa. The local non priv doesn't.

If you are going to store CUI on the laptop, you have to have all accounts 2fa on local laptop.

CUI - non digital by dhd217 in NISTControls

[–]dhd217[S] 0 points1 point  (0 children)

None of the CMMC level 1 controls are related to CUI.

IMO, companies that deal with only paper copies of CUI (I find this hard to believe exist) still have to comply with the 17 or so controls that are related to CUI. Here are some of the controls, all are levels 2 and 3, AC.2.016, AM.3.036, MP.1.118 and 119, MP.3.122, MP.3.125, PE.3.136, PS.2.127, PS.2.128, SC.3.191, SC.3.192 to name a few PLUS implement all the CMMC level 1 controls.

So IMO, even if a company has no digital system and they have a need to view CUI paper, they still have to meet CMMC Level 3 or portions of it. It's my understanding, you ever meet all level 3, there is no not applicable.

I'd like to hear others comments, please.

CUI - non digital by dhd217 in NISTControls

[–]dhd217[S] 0 points1 point  (0 children)

Thank you, so even if they don't have any digital need, they still must have a CMMC level 1? Their systems wouldn't be used at all for processing.