The Cisco ISE must conduct configuration and operational backups when changes are made or must schedule backups weekly, at a minimum.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-242638 | CSCO-NM-000330 | SV-242638r1025180_rule | CCI-000366 | low |
| Description | ||||
| If this information is not backed up and a system failure was to occur, the security settings would be difficult to reconfigure quickly and accurately, thus increasing adverse impact of the outage. There are two types of ISE backups: Configuration backup and operational backup. This requirement pertains to the configuration. Since the administrator may forget to immediately backup each time changes are made, a scheduled weekly backup is a best practice and preferred. However, there may be operational impacts for the scheduling option that necessitate immediate backup after configuration changes method be used. | ||||
| STIG | Date | |||
| Cisco ISE NDM Security Technical Implementation Guide | 2024-09-10 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-242638r1025180_chk)
Review the SSP to see the site's network device backup policy.
1. Navigate to Administration >> System >> Backup and Restore.
2. Check the Cisco ISE backup log to verify regular backups are being performed.
If configuration and operational backups are not being performed when changes are made and/or scheduled weekly (at a minimum), this is a finding.
Fix Text (F-45870r1025179_fix)
1. To configure a repository, navigate to Administration >> System >> Maintenance > Repository.
2. Click "Add".
3. Provide a Repository Name and choose SFTP (recommended) or a secure protocol. Then enter Server Name, Path, User Name, and Password, and click "Submit". The repository must be on another device such as the syslog or SFTP server.
On-demand and/or scheduled configuration and operational data backups are as follows:
1. Navigate to Administration >> System >> Backup & Restore.
2. Select "Configuration Data Backup".
3. Provide a Backup Repository Name, Encryption Key, and scheduling information in compliance with SSP.
4. Click "Backup".
5. Repeat steps with Step 2 being the Operational Data Backup option.