Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
79-2
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 79 Configuring Anonymous Reporting and Smart Call Home
Information About Anonymous Reporting and Smart Call Home
Information About Anonymous Reporting
Customers can help to improve the ASA platform by enabling Anonymous Reporting, which allows
Cisco to securely receive minimal error and health information from the device. If you enable the feature,
your customer identity will remain anonymous, and no identifying information will be sent.
Enabling Anonymous Reporting creates a trust point and installs a certificate. A CA certificate is
required for your ASA to validate the server certificate present on the Smart Call Home web server and
to form the HTTPS session so that your ASA can send messages securely. Cisco imports a certificate
that is predefined in the software. If you decide to enable Anonymous Reporting, a certificate is installed
on the ASA with a hardcoded trust point name: _SmartCallHome_ServerCA. When you enable
Anonymous Reporting, this trust point is created, the appropriate certificate is installed, and you receive
a message about this action. The certificate then shows up in your configuration.
If the appropriate certificate already exists in your configuration when you enable Anonymous
Reporting, no trust point is created, and no certificate is installed.
Note When you enable Anonymous Reporting you acknowledge your consent to transfer the specified data to
Cisco or to vendors operating on Cisco’s behalf (including countries outside of the U.S.).
Cisco maintains the privacy of all customers. For information about Cisco’s treatment of personal
information, see the Cisco Privacy Statement at the following URL:
http://www.cisco.com/web/siteassets/legal/privacy.html
What is Sent to Cisco?
Messages are sent to Cisco once a month and whenever the ASA reloads. These messages are categorized
by alert groups, which are predefined subsets of Smart Call Home alerts that are supported on the ASA:
configuration alerts, inventory alerts, and crash information alerts.
Inventory alerts consist of output from the following commands:
show version—Displays the ASA software version, hardware configuration, license key, and related
uptime data for the device.
show environment—Shows system environment information for ASA system components, such as
hardware operational status for the chassis, drivers, fans, and power supplies, as well as temperature
status, voltage, and CPU usage.
show inventory—Retrieves and displays inventory information about each Cisco product that is
installed in the networking device. Each product is identified by unique device information, called
the UDI, which is a combination of three separate data elements: the product identifier (PID), the
version identifier (VID), and the serial number (SN).
show failover state—Displays the failover state of both units in a failover pair. The information
displayed includes the primary or secondary status of the unit, the Active/Standby status of the unit,
and the last reported reason for failover.
show module—Shows information about any modules installed on the ASAs, for example,
information about an AIP SSC installed on the ASA 5505 or information about an SSP installed on
the ASA 5585-X, and information about an IPS SSP installed on an ASA 5585-X.
Configuration alerts consist of output from the following commands:
show context—Shows allocated interfaces and the configuration file URL, the number of contexts
configured, or, if you enable AR in the system execution space, from a list of all contexts.