Cisco Nexus

To integrate JSA Risk Manager with your network devices, ensure that you review the requirements for the Cisco Nexus adapter.

The following features are available with the Cisco Nexus adapter:

  • Neighbor data support

  • SNMP discovery

  • EIGRP and OSPF dynamic routing

  • Static routing

  • Telnet and SSH connection protocols

The following table describes the integration requirements for the Cisco Nexus adapter.

Table 1: Integration Requirements for the Cisco Nexus Adapter

Integration requirement | Description

Versions and supported OS levels

  • Nexus 5548: OS level 6.0

  • Nexus 7000 series: OS level 6.2

  • Nexus 9000 series: OS level 6.1

SNMP discovery

  Matches Cisco NX-OS and an optional qualification string that ends with Software in the SNMP sysDescr.

Required credential parameters

  To add credentials in JSA, log in as an administrator and use Configuration Source Management on the Admin tab.

  • Username

  • Password

  • Enable Password

  If you add virtual device contexts (VDCs) as individual devices, ensure that the required credentials allow the following actions:

  • Access the account that is enabled for the VDCs.

  • Use the required commands in that virtual context.

Supported connection protocols

  To add protocols in JSA, log in as an administrator and use Configuration Source Management on the Admin tab.

  Use any one of the following supported connection protocols:

  • Telnet

  • SSH

Commands that the adapter requires to log in and collect data

  • show hostname

  • show version

  • show vdc

  • show vdc current-vdc

  • switchto vdc <vdc>, where vdc is an active VDC that is listed when you enter the show vdc command.

  • dir <filesystem>, where filesystem is bootflash, slot0, volatile, log, logflash, or system.

  • show running-config

  • show startup-config

  • show module

  • show interface brief

  • show interface snmp-ifindex

  • show ip access-lists

  • show vlan

  • show object-group

  • show interface <interface>, where interface is any interface that is listed when you enter the show running-config command.

  • show ip eigrp

  • show ip route eigrp

  • show ip ospf

  • show ip route ospf

  • show ip rip

  • show ip route rip

  Telemetry commands

  • terminal length 0

  • show hostname

  • show vdc

  • switchto vdc <vdc>, where vdc is an active VDC that is listed when you enter the show vdc command.

  • show cdp entry all

  • show interface brief

  • show ip arp

  • show mac address-table

  • show ip route
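
An added example, not part of the Juniper documentation: because the adapter account needs only the commands listed in the table above, command accounting records for that account can be checked against the list. The `user|command` record format and the sample lines are constructed, the optional trailing colon after the dir filesystem is an assumption, and qrmuser is the example username this page uses.

```python
import re

# Commands the page lists for the Cisco Nexus adapter (collection + telemetry).
FIXED = {
    "terminal length 0", "show hostname", "show version", "show vdc",
    "show vdc current-vdc", "show running-config", "show startup-config",
    "show module", "show interface brief", "show interface snmp-ifindex",
    "show ip access-lists", "show vlan", "show object-group",
    "show ip eigrp", "show ip route eigrp", "show ip ospf",
    "show ip route ospf", "show ip rip", "show ip route rip",
    "show cdp entry all", "show ip arp", "show mac address-table",
    "show ip route",
}
# Listed commands that take one argument: <vdc>, <filesystem>, <interface>.
PARAM = [
    re.compile(r"switchto vdc \S+"),
    re.compile(r"dir (bootflash|slot0|volatile|log|logflash|system):?"),
    re.compile(r"show interface \S+"),
]

def is_expected(command):
    cmd = " ".join(command.split())  # normalise runs of whitespace
    return cmd in FIXED or any(p.fullmatch(cmd) for p in PARAM)

def unexpected_commands(log_lines, account):
    """Return commands run by `account` that are not in the documented list."""
    hits = []
    for line in log_lines:
        user, _, command = line.partition("|")
        if user.strip() == account and command.strip() and not is_expected(command):
            hits.append(command.strip())
    return hits

# Constructed sample records; "user|command" is a hypothetical export format.
SAMPLE_LOG = [
    "qrmuser|terminal length 0",
    "qrmuser|show vdc",
    "qrmuser|switchto vdc prod-vdc",
    "qrmuser|dir bootflash:",
    "qrmuser|show interface Ethernet1/1",
    "qrmuser|configure terminal",
    "qrmuser|show user-account",
    "admin|configure terminal",
]

if __name__ == "__main__":
    for cmd in unexpected_commands(SAMPLE_LOG, "qrmuser"):
        print("unexpected:", cmd)
```

The match is exact on full command strings, so abbreviated forms such as `sh ver` are reported as unexpected.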

Methods for adding VDCs for Cisco Nexus Devices

Use Configuration Source Management to add Nexus network devices and Virtual Device Contexts (VDC) to JSA. There are two ways to add multiple VDCs to JSA Risk Manager.

You can add VDCs as subdevices of the Nexus device or as individual devices.

View Virtual Device Contexts

If you add VDCs as individual devices, then each VDC is displayed as a device in the topology.

If you add VDCs as subdevices, they are not displayed in the topology. You can view the VDCs in the Configuration Monitor window.

Adding VDCs As Subdevices Of Your Cisco Nexus Device

Use Configuration Source Management to add VDCs as subdevices of your Cisco Nexus device.

  1. Enable the following commands for the user that is specified in the credentials:

    • show vdc (admin context)

    • switchto vdc x, where x is the VDC that is supported.

    In Configuration Monitor, you can view the Nexus device in the topology and the VDC subdevices. For information about viewing devices, see the Juniper Secure Analytics Risk Manager User Guide.

  2. Use Configuration Source Management to add the admin context IP address of the Nexus device.

    For more information, see Adding a Network Device.

Adding VDCs As Individual Devices

Use Configuration Source Management to add each virtual device context (VDC) as a separate device. When you use this method, the Nexus device and the VDCs are displayed in the topology.

When you view your Cisco Nexus device and VDCs in the topology, the chassis containment is represented separately.

  1. Use Configuration Source Management to add the admin IP address of each VDC.

    For more information, see Adding a Network Device.

  2. Use Configuration Source Management to obtain the configuration information for your VDCs.

  3. On the Cisco Nexus device, use the Cisco Nexus CLI to disable the switchto vdc command for the user name that is associated with the adapter.

    Example: If the username for a Cisco Nexus device is qrmuser, type the following commands: