Probably something I've missed in the reading but...
View: CSPM managing 2 4230's and a 4210 sensor.
I have loaded the S16 and S17 patches. The policies have been pushed. Everything seems to be working fine. However, from the CSPM GUI if I select the +Signature Sensors and select the signature file for any of the sensors I cannot see the new "4507" signature listed. It shows SNMP series through 4505 and then goes onto the remainder. However, the new 5223 and 5224 signatures DO show... When I check the NSDB it IS listed there. So the HTML files for the NSDB are present. How can I tell if the update patches for the sensors actually built the signatures that S16 and S17 were supposed to - at least for the 4507 sig?
The action should be set to zero (no action) by default.
And the severity should be 5 (High) by default.
If you do not see this on an S17 sensor, then either the CSPM update file has a bug, or something in your installation and deployment didn't work right.
As for looking in CSPM itself for the signature, be aware that the new signatures are not necessarily in numerical order. Quite often CSPM will simply add the new signatures to the bottom of the signature list.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...