Network Exception Report for Abc Ltd

NETWORK EXCEPTION REPORT FOR ABC LTD

Report Title / Network Exception Report
Report Date / Dec 16 2010
Customer Name / ABC LTD
Customer Location / 432 Main Street, San Jose

Table of Contents

1. Service Statistics
2. Discovery and Inventory Action Needed
3. Proactive Alerts Action Needed
4. Core Assess and Repair Action Needed
5. Disaster Recovery Action Needed

Devices not Backed-up

1. IPS Signature Assessment Action Needed
2. Security Assess and Repair Action Needed
3. Voice Assessment
4. IPv6 Assessment Action Needed
5. Medianet Assessment Action Needed
6. EnergyWise Assessment Action Needed

Unless otherwise mentioned, timings specified in this report are in Greenwich Mean Time (GMT).

Service Statistics

Service Statistics
Network Discovery last performed on / Mar 17 2014
Network Inventory last performed on / Mar 17 2014
Core Active Monitor schedule / Every 0:10 Hrs from 03/17/2014 00:37 to 03/20/2014 23:59
Is Core Passive Monitor configured? / Yes
Is Security Passive Monitor configured? / No
Disaster Recovery (Back-up) last performed on / Mar 17 2014
Core Assess and Repair last performed on / Apr 23 2013
IPS Signature Update service last performed on / Apr 23 2013
Security Assess and Repair last performed on / Apr 23 2013
Voice Active Monitor schedule / Not configured to run
Is Voice Passive Monitor configured? / No
Voice assessment last performed on / Apr 23 2013
Voice Quality Monitor last performed on / Not configured to run
IPv6 assessment last performed on / Mar 13 2014
Medianet assessment last performed on / Mar 13 2014
EnergyWise assessment last performed on / Mar 13 2014

Discovery and Inventory Action Needed

Network Discovery
Number of new devices found / 0
Number of devices that were manually added / 0
Number of devices missing / 2
Status / IP Address / Client Site / Source / Device Type / Next Action
Missing / 10.1.1.1 / SanSite / Auto(Cisco) / Cisco 2801 / Delete from Inventory
Missing / 10.1.1.2 / SanSite / Auto(Cisco) / Cisco 2611 / Delete from Inventory
Network Inventory
Number of devices in inventory / 20 Devices, 212 Phones
Number of devices excluded from inventory / 1

Proactive Alerts Action Needed

Proactive Alerts
Number of devices in inventory / 20
Number of devices with alerts / 5
Alert Type
Alert / Critical / Important / Informational / Total
PSIRT / 2 / 2 / 3 / 7
HW EOX / 1 / 0 / 1 / 2
SW EOX / 0 / 2 / 4 / 4
Field Notices / NA / 2 / NA / 2
Total / 3 / 6 / 6 / 15
Details of Devices with Proactive Notifications
Address / Name / Type / Site / PSIRT / HW EOX / SW EOX / Field Notices
Critical / Important / Informational / Critical / Important / Informational / Critical / Important / Informational / Important
10.1.1.1 / HostQ / Cisco 2811 / SanSite / 1 / 0 / 1 / 1 / 0 / 0 / 0 / 1 / 0 / 0
10.1.1.2 / HostW / Cisco 2801 / SanSite / 1 / 0 / 1 / 0 / 0 / 0 / 0 / 1 / 1 / 0
10.1.1.3 / HostR / Cisco 2611 / SanSite / 0 / 1 / 1 / 0 / 0 / 1 / 0 / 0 / 0 / 0
10.1.1.4 / HostT / Cisco 2811 / SanSite / 0 / 1 / 0 / 0 / 0 / 0 / 0 / 0 / 1 / 1
10.1.1.5 / HostY / Cisco 1801 / SanSite / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 1
Alert Type / PSIRT
Severity / Critical
URL /

Headline / SIP Packets Reload IOS Devices with support for SIP - CSCsh58082
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / Cisco 2811 / 12.4(12) / SAMPLE170WA / CISCO2811
10.1.1.2 / Cisco 2801 / 12.4(12) / SAMPLE 521YQ / CISCO2801-SRST/K9
Alert Type / PSIRT
Severity / Important
URL /


Headline / Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.3 / Cisco 2811 / 12.4(12) / SAMPLE 170WA / CISCO2811
10.1.1.4 / Cisco 2801 / 12.4(12) / SAMPLE 521YQ / CISCO2801-SRST/K9
Alert Type / PSIRT
Severity / Informational
URL /

Headline / Cisco IOS Software H.323 Denial of Service Vulnerabilities
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / Cisco 2811 / 12.4(22)T / SAMPLE 5A0JD / C2811-15UC/K9
10.1.1.2 / Cisco 2811 / 12.4(12) / SAMPLE 170WA / CISCO2811
10.1.1.3 / Cisco 2801 / 12.4(12) / SAMPLE 521YQ / CISCO2801-SRST/K9
Alert Type / HW EOL
Severity / Critical
URL /
Headline / Cisco 2600 "Non XM" MultiService Access Routers
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / Cisco 2611 / 12.3(24) / SAMPLE 2A161 / CISCO2611
Alert Type / SW EOL
Severity / Important
URL /
Headline
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / Catalyst 3560G-24PS / 12.2(35)SE5 / SAMPLE 6W1T2 / WS-C3560G-24PS-S
10.1.1.2 / Catalyst 3560G-24PS / 12.2(35)SE5 / SAMPLE 6Z7UF / WS-C3560G-24PS-S
Alert Type / SW EOL
Severity / Informational
URL /
Headline / url checked 3/18/2008
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.2 / Cisco 2611 / 12.3(24) / SAMPLE 2A161 / CISCO2611
Alert Type / HW EOS
Severity / Informational
URL /
Headline / Cisco 2600 "Non XM" MultiService Access Routers
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.3 / Cisco 2611 / 12.3(24) / SAMPLE 2A161 / CISCO2611
Alert Type / SW EOS
Severity / Informational
URL /
Headline / url checked 3/18/2008
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.4 / Cisco 2611 / 12.3(24) / SAMPLE 2A161 / CISCO2611
Alert Type / HW FN
Severity / Important
URL /
Headline / FN 62573 - Router (AS5350XM, AS5400XM, C180X, C181X, C1841, IAD2400, C2691, C2800NM, C2801, C3725, C3745, C3800, VG224) Unable To Read Compact Flash - ROMMON Upgrade Available
IP Address / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.4 / Cisco 1801 / 12.4(15)T14 / SAMPLE 811BA / CISCO1801
10.1.1.5 / Cisco 2811 / 12.4(12) / SAMPLE 170WA / CISCO2811

Core Assess and Repair Action Needed

Core Assess and Repair
Number of devices assessed / 14
Number of issues open / 4
Device Details of Core Assess and Repair
IP Address / Host Name / Device Type / Site / Open Vulnerabilities
10.1.1.1 / HostN / Cisco 2611 / SanSite / 2
10.1.1.2 / HostM / Catalyst 3560G-24PS / SanSite / 1
10.1.1.3 / HostO / Catalyst 3560G-24PS / SanSite / 1
Details of Open Vulnerabilities
Title / Huge Buffer
Severity / Medium
Description / Buffer tuning allows you to modify the way in which a router allocates buffers from its available memory. It also helps to prevent packet drops during a temporary burst of traffic. See
Additional Information /
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / SanSite / Cisco 2611 / 12.3(24) / SAMPLE2A161 / CISCO2611
Title / Large Buffer
Severity / Medium
Description / Buffer tuning allows you to modify the way in which a router allocates buffers from its available memory. It also helps to prevent packet drops during a temporary burst of traffic. See
Additional Information /
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / SanSite / Cisco 2611 / 12.3(24) / SAMPLE 2A161 / CISCO2611
Title / Very Big Buffer
Severity / Medium
Description / Buffer tuning allows you to modify the way in which a router allocates buffers from its available memory. It also helps to prevent packet drops during a temporary burst of traffic. See
Additional Information /
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.2 / SanSite / Catalyst 3560G-24PS / 12.2(35)SE5 / SAMPLE 6W1T2 / WS-C3560G-24PS-S
10.1.1.3 / SanSite / Catalyst 3560G-24PS / 12.2(35)SE5 / SAMPLE 6Z7UF / WS-C3560G-24PS-S

Disaster Recovery Action Needed

Disaster Recovery
Number of devices that were backed-up / 15
Number of devices that were not backed-up / 5
Date of last back-up / Jun 24 2010 13:44
Status of last back-up / Partial
Number of days since last back-up / 184

Note: Devices were not backed-up either because service is not supported for the device or the devices are not on contract.

Devices not Backed-up

Devices Supported for Back-up

Devices not Backed-up by Last Back-up Run
IP Address / Name / OS Type and Version / Site
10.1.1.1 / HostG / 12.3(24) / SanSite

Devices not supported for Back-up

Devices for which Back-up Service is not Supported
IP Address / Name / OS Type and Version / Site
10.1.1.2 / HostA / 6.1.2.1002(1) / SanSite
10.1.1.3 / HostS / 6.1.2.1002(1) / SanSite
10.1.1.4 / HostD / 4.2(1.0) / SanSite
10.1.1.5 / HostF / 1.7.17.0 / SanSite

IPS Signature Assessment Action Needed

IPS Signature Assessment
Number of devicesassessed / 4
Number of issues open / 4
Device Details of IPS Signature Assessment
IP Address / Device Name / Device Type / OS Type and Version / Current IPS Sig File Version / Recommended IPS File Version / Current IPS Version / Latest IPS Version / License
Status / Physical Memory / Severity
10.1.0.1 / HostN / Cisco 2811 / 12.4(22)T / S353.0 / S507.0 / 4 / 5 / NA / 244 / Critical
10.1.0.2 / HostQ / Cisco 2821 / IOS 12.4T(15) / S462.0 / S512.0 / 5 / 5 / NA / 242 / Severe
10.3.0.3 / HostS / Cisco 2851 / IOS 12.4T(15) / S353.0 / S512.0 / 5 / 5 / NA / 242 / Medium
10.4.0.16 / HostB / Cisco 1811 / IOS 12.4T(15) / S462.0 / S512.0 / 5 / 5 / NA / 231 / Minor

Security Assess and Repair Action Needed

Security Assess and Repair
Number of device assessed / 4
Number of issues open / 4
Device Details of Security Assess and Repair
IP Address / Host Name / Device Type / Site / Open Vulnerabilities
10.1.1.1 / HostI / Cisco 1801 / SanSite / 1
10.1.1.2 / HistU / Cisco 2811 / SanSite / 1
10.1.1.3 / HostY / Catalyst 3560G-24PS / SanSite / 1
10.1.1.4 / HostT / Catalyst 3560G-24PS / SanSite / 1
Details of Open Vulnerabilities
Title / AccessCompiled
Severity / Critical
Description / The Turbo ACL feature is enabled by using the "access-list compiled" command on IOS versions 12.1(6) and later. This command is useful to minimize the performance impact of long and complex ACLs on Cisco routers.
Additional Information
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.1 / SanSite / Cisco Aironet 1240 AG Access Point / 12.4(21a)JY / SAMPLE08169 / AIR-AP1242AG-E-K9
Title / NTPInterface
Severity / Severe
Description / Network Time Protocol (NTP) is not particularly vulnerable, however, any unnecessary service can represent a path for network penetration. If NTP is not being used on a particular router interface, you can disable it by using the interface command "ntp disable". For more information about NTP configuration, see
Additional Information /
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.2 / SanSite / Cisco Aironet 1240 AG Access Point / 12.4(21a)JY / SAMPLE08169 / AIR-AP1242AG-E-K9
Title / AccessModeVlan1
Severity / Medium
Description / Recommendation: Make sure that no ports are assigned to VLAN1.
Additional Information
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.3 / SanSite / Catalyst 3560G-24PS / 12.2(35)SE5 / SAMPLE6W1T2 / WS-C3560G-24PS-S
Title / AuxLineAuth
Severity / Minor
Description / Auxiliary line authentication must be enabled by using AAA authentication. The password should adhere to password policy and must not be found in the password dictionary
Additional Information
IP Address / Site / Device Type / OS Type and Version / Serial Number / Product ID
10.1.1.4 / SanSite / Cisco 1801 / 12.4(15)T14 / SAMPLE811BA / CISCO1801

Voice Assessment

Voice Assessment
Number of devices assessed / 16
Number of devices on which QoS is not enabled / 3
Voice Assessment
Site / IP Address / Device Type / OS Type and Version / QoS Enabled? / Last Assessment Date
SanSite / 10.1.1.1 / Cisco ASA 5520 / 8.2(2) / No / Dec 25 2010 08:00
SanSite / 10.1.1.2 / Catalyst 295048SX / 12.1(22)EA8 / No / Apr 25 2010 07:00
SanSite / 10.1.1.3 / Cisco ASA 5520 / 8.2(1) / No / Oct 25 2010 07:00

IPv6 Assessment Action Needed

IPv6 Assessment
Number of devices assessed / 45
Number of issues open / 45
Device details of IPv6 Assessment
IP Address / OS Type and Version / Device Type / SN / PID / Assessment run date / Assessment result
192.168.99.76 / 12.2(50)SE2 / Catalyst 2960-24-S / FSJC0712038 / Mar 13 2014 / Further Analysis Required
192.168.99.78 / 12.2(25)EY2 / Catalyst 3750-24ME / CAT0930R1Y2 / ME-C3750-24TE-M / Mar 13 2014 / Further Analysis Required
192.168.99.116 / 12.4(25) / Cisco 1701ADSLBRI / FOC080915F3 (1562749778) / 1701 / Mar 13 2014 / Further Analysis Required
192.168.99.103 / 12.3(26) / Cisco 1750 / JAD05380KTC (2808871045) / 1750 / Mar 13 2014 / Further Analysis Required
192.168.99.39 / 12.3(18) / Cisco 1760 / FOC06520JCC (1408537543) / 1760 / Mar 13 2014 / Further Analysis Required
192.168.99.98 / 12.0(5)WC2 / Catalyst WS-C3524-PWR-XL / FAA0438W0L5 / WS-C3524-PWR-XL-EN / Mar 13 2014 / IPv6 Not Capable
192.168.99.101 / 12.4(21a) / Cisco SB 107 Secure ADSL Router / FHK095150PD / Mar 13 2014 / IPv6 Not Capable
192.168.99.114 / 12.2(50)SE / Catalyst 2960-24TC / FHK1045Y01E / WS-C2960-24TC-L / Mar 13 2014 / Requires Upgrade (Software OS/Feature Set or DRAM/Flash
192.168.99.210 / 12.2(25)SEE2 / Catalyst 2960-24TC / FOC1041ZA3G / WS-C2960-24TC-L / Mar 13 2014 / Requires Upgrade (Software OS/Feature Set or DRAM/Flash
192.168.99.251 / 12.2(25)SEE3 / Catalyst 2960-24TT / FOC1121ZC4C / WS-C2960-24TT-L / Mar 13 2014 / Requires Upgrade (Software OS/Feature Set or DRAM/Flash

Medianet Assessment Action Needed

Medianet Assessment
Number of devices assessed / 44
Number of issues open / 44
Device details of Medianet Assessment
IP Address / OS Type and Version / Device Type / SN / PID / Assessment run date / Assessment result
172.20.106.16 / 12.1(22)EA8 / Catalyst 3550-24PWR-SMI / CAT0736Z01F / WS-C3550-24-PWR / Mar 13 2014 / Require further analysis
Recommendation:Contact your account team to obtain migration recommendations for Medianet. Medianet capable platforms are ISR G2 29xx , 39xx OR ASR 1xxx.
192.168.99.242 / 12.2(25)SEC2 / Catalyst 3560-24PS / CAT0933R321 / WS-C3560-24PS-S / Mar 13 2014 / Require further analysis
Recommendation:Contact your account team to obtain migration recommendations for Medianet. Medianet capable platforms are ISR G2 29xx , 39xx OR ASR 1xxx.
192.168.99.98 / 12.0(5)WC2 / Catalyst WS-C3524-PWR-XL / FAA0438W0L5 / WS-C3524-PWR-XL-EN / Mar 13 2014 / Require further analysis
Recommendation:Contact your account team to obtain migration recommendations for Medianet. Medianet capable platforms are ISR G2 29xx , 39xx OR ASR 1xxx.
192.168.99.115 / 12.4(3g) / Cisco 2811 / FTX1126A038 / CISCO2811 / Mar 13 2014 / Hardware incapable
Recommendation:ISR G2 29xx or 39xx
192.168.99.162 / 12.4(8b) / Cisco 2821 / FTX0933A278 / CISCO2821 / Mar 13 2014 / Hardware incapable
Recommendation:ISR G2 29xx or 39xx
192.168.99.33 / 12.4(9)T7 / Cisco 3745 / FTX0939A28K / C3745-2FE / Mar 13 2014 / Hardware incapable
Recommendation:ISR G2 29xx or 39xx
192.168.99.2 / 12.2(25)SEE2 / Cisco Catalyst3750-48TS / CAT0819N2N8 / WS-C3750-48TS-S / Mar 13 2014 / Hardware incapable
Recommendation:ISR G2 29xx or 39xx
192.168.99.66 / 12.1(22)EA4 / Catalyst 295012G / FHK0932W05N / WS-C2950G-12-EI / Mar 13 2014 / Software incapable
Recommendation:Software migration recommendation for hardware platform '2950' and software package 'IP Services': 15.1(3)T or later
192.168.99.67 / 12.1(22)EA4 / Catalyst 29508LRESt / FHK0931R025 / WS-C2950ST-8-LRE / Mar 13 2014 / Software incapable
Recommendation:Software migration recommendation for hardware platform '2950' and software package 'IP Services': 15.1(3)T or later
192.168.99.82 / 12.1(22)EA6 / Catalyst 2950t24 / FOC1017Z53A / WS-C2950T-24 / Mar 13 2014 / Software incapable
Recommendation:Software migration recommendation for hardware platform '2950' and software package 'IP Services': 15.1(3)T or later
192.168.99.76 / 12.2(50)SE2 / Catalyst 2960-24-S / FSJC0712038 / Mar 13 2014 / Software incapable
Recommendation:Software migration recommendation for hardware platform '2960' and software package 'IP Services': 15.1(3)T or later

EnergyWise Assessment Action Needed

EnergyWise Assessment
Number of devices assessed / 44
Number of issues open / 42
Device details of EnergyWise Assessment
IP Address / OS Type and Version / Device Type / SN / PID / Assessment run date / Assessment result
192.168.99.98 / 12.0(5)WC2 / Catalyst WS-C3524-PWR-XL / FAA0438W0L5 / WS-C3524-PWR-XL-EN / Mar 13 2014 / Hardware Incapable
Recommendation: List of supported devices can be found in the EnergyWise Release Notes
192.168.99.103 / 12.3(26) / Cisco 1750 / JAD05380KTC (2808871045) / 1750 / Mar 13 2014 / Hardware Incapable
Recommendation: List of supported devices can be found in the EnergyWise Release Notes
192.168.99.39 / 12.3(18) / Cisco 1760 / FOC06520JCC (1408537543) / 1760 / Mar 13 2014 / Hardware Incapable
Recommendation: List of supported devices can be found in the EnergyWise Release Notes
192.168.99.210 / 12.2(25)SEE2 / Catalyst 2960-24TC / FOC1041ZA3G / WS-C2960-24TC-L / Mar 13 2014 / Software Incapable
Recommendation: Upgrade the OS from 12.2(25)SEE2 to 15.0(1)SE2
192.168.99.251 / 12.2(25)SEE3 / Catalyst 2960-24TT / FOC1121ZC4C / WS-C2960-24TT-L / Mar 13 2014 / Software Incapable
Recommendation: Upgrade the OS from 12.2(25)SEE3 to 15.0(1)SE2
172.20.106.6 / 12.2(55)SE / Catalyst 2960G-8TC-L / FOC1123U30N / WS-C2960G-8TC-L / Mar 13 2014 / Software Incapable
Recommendation: Upgrade the OS from 12.2(55)SE to 15.0(1)SE2
192.168.99.66 / 12.1(22)EA4 / Catalyst 295012G / FHK0932W05N / WS-C2950G-12-EI / Mar 13 2014 / EnergyWise Unsupported
Recommendation: List of supported devices can be found in the EnergyWise Release Notes
192.168.99.67 / 12.1(22)EA4 / Catalyst 29508LRESt / FHK0931R025 / WS-C2950ST-8-LRE / Mar 13 2014 / EnergyWise Unsupported
Recommendation: List of supported devices can be found in the EnergyWise Release Notes
192.168.99.82 / 12.1(22)EA6 / Catalyst 2950t24 / FOC1017Z53A / WS-C2950T-24 / Mar 13 2014 / EnergyWise Unsupported
Recommendation: List of supported devices can be found in the EnergyWise Release Notes

April 2014Page 1 of 14