Cisco ASA 5500 Series Configuration Guide using ASDM, 6.3
Configuring Smart Call Home
Downloads: This chapterpdf (PDF - 120.0KB) The complete bookPDF (PDF - 22.37MB) | Feedback

Configuring Smart Call Home

Table Of Contents

Configuring Smart Call Home

Information About Smart Call Home

Guidelines and Limitations

Licensing Requirements for Smart Call Home

Configuring Smart Call Home

Smart Call Home Monitoring

Feature History for Smart Call Home


Configuring Smart Call Home


This chapter describes how to configure the Smart Call Home feature, and includes the following sections:

Information About Smart Call Home

Guidelines and Limitations

Licensing Requirements for Smart Call Home

Configuring Smart Call Home

Smart Call Home Monitoring

Feature History for Smart Call Home

Information About Smart Call Home

Smart Call Home offers proactive diagnostics and real-time alerts on the adaptive security appliance and provides higher network availability and increased operational efficiency. This feature provides higher network availability through proactive and quick issue resolution by doing the following:

Identifying issues quickly with continuous monitoring, real-time, proactive alerts, and detailed diagnostics.

Making you aware of potential problems through Smart Call Home notifications, in which a service request has been opened, with all diagnostic data attached.

Resolving critical problems faster with direct, automatic access to experts in Cisco TAC.

Smart Call Home offers increased operational efficiency by providing you with the ability to do the following:

Use staff resources more efficiently by reducing troubleshooting time.

Generate service requests to Cisco TAC automatically, routed to the appropriate support team, which provides detailed diagnostic information that speeds problem resolution.

Smart Call Home offers quick, web-based access to required information that provides you with the ability to do the following:

Review all Smart Call Home messages, diagnostics, and recommendations in one place.

Check service request status quickly.

View the most up-to-date inventory and configuration information for all Smart Call Home-enabled devices.

Guidelines and Limitations

Failover Guidelines

Supports Active/Active and Active/Standby failover.

Firewall Mode Guidelines

Supported in routed and transparent firewall modes.

Context Mode Guidelines

Supported in single mode and multiple context mode.

IPv6 Guidelines

Supports IPv6.

Additional Guidelines

In multiple context mode, the snapshots command is divided into two commands: one to obtain information from the system context and one to obtain information from the normal context.

Licensing Requirements for Smart Call Home

The following table shows the licensing requirements for this feature.

Model
License Requirement

All models

Base License.


Configuring Smart Call Home

Configuring Smart Call Home

To configure Smart Call Home service, system setup, and alert subscription profiles, perform the following steps:


Step 1 Choose Configuration> Device Management> Smart Call Home.

Step 2 Check the Enable Smart Call Home check box to enable the feature.

Step 3 Double-click System Setup. The System Setup consists of three panes. Each pane can be expanded or collapsed by double-clicking the title row. In the Mail Servers pane. you can set up mail servers through which Smart Call Home messages are delivered to e-mail subscribers. In the Contact Information pane, you can enter the information of the person to contact for the adaptive security appliance that appears in Smart Call Home messages. This pane includes the following:

The name of the contact person.

The contact phone number.

The postal address of the contact person.

The e-mail address of the contact.

The "from" e-mail address in Smart Call Home e-mail.

The "reply-to" e-mail address in Smart Call Home e-mail.

The customer ID.

The site ID.

The contract ID.

In the Alert Control pane, administrators can fine tune alert control parameters. This pane includes the Alert group status pane, which lists the status (enabled or disabled) of the following alert groups:

The diagnostics alert group.

The configuration alert group.

The environmental alert group.

The inventory alert group.

The snapshot alert group.

The syslog alert group.

The telemetry alert group.

The threat alert group.

The maximum number of Smart Call Home messages processed per minute.

The "from" e-mail address in Smart Call Home e-mail.

Step 4 Double-click Alert Subscription Profiles. Each named subscription profile identifies subscribers and alert groups of interest.

a. Click Add or Edit to display the Subscription Profile Editor, in which you can create a new subscription profile or edit an existing subscription profile.

b. Click Delete to remove the selected profile.

c. Check the Active check box to send the Smart Call Home message of the selected subscription profile to subscribers.

Step 5 When you click Add or Edit, the Add or Edit Alert Subscription Profile dialog box appears.

a. The Name field is read-only, so you cannot edit it.

b. Check the Enable this subscription profile check box to enable or disable this particular profile.

c. Click either the HTTP or Email radio button in the Alert Delivery Method area.

d. In the Subscribers field, specify the alert delivery method: e-mail address or web address.

e. The Alert Dispatch area lets the administrator specify what type of Smart Call Home information to send to subscribers and under what conditions. There are two types of alerts, time-based and event-based, chosen according to how the alert is triggered. The following alert groups are time-based: Configuration, Inventory, Snapshot, and Telemetry. The following alert groups are event-based: Diagnostic, Environmental, Syslog, and Threat.

f. The Message Parameters area lets you fine tune parameters that control messages sent to the subscriber, including the preferred message format and the maximum message size.

Step 6 For time-based alerts, in the Alert Dispatch area, click Add or Edit to display the Add or Edit Configuration Alert Dispatch Condition dialog box.

a. In the Alert Dispatch Frequency area, specify the frequency in which to send the information to subscribers:

For monthly subscription, specify the day of the month, as well as the time of the day to send the information. If they are not specified, the adaptive security appliance chooses appropriate values for them.

For weekly subscription, specify the day of the week, as well as the time of the day to send the information. If they are not specified, the adaptive security appliance chooses appropriate values for them.

For daily subscription, specify the time of the day to send the information. If it is not specified, the adaptive security appliance chooses an appropriate value for it.

For hourly subscription, specify the minute of the hour to send the information. If it is not specified, the adaptive security appliance chooses an appropriate value for it. Hourly subscription is only applicable to the snapshot and telemetry alert groups.

b. Click the Basic or Detailed radio button to provide the desired level of information to subscribers.

c. Click OK when you are done.

Step 7 For diagnostic, environment, and threat event-based alerts, in the Alert Dispatch area, click Add or Edit to display the Create or Edit Diagnostic Alert Dispatch Condition dialog box.

Step 8 Specify the event severity that triggers dispatch of the alert to subscribers in the Event Severity drop-down list, and then click OK.

Step 9 For inventory time-based alerts, in the Alert Dispatch area, click Add or Edit to display the Create or Edit Inventory Alert Dispatch Condition dialog box.

Step 10 Specify how often to dispatch alerts to subscribers in the Alert Dispatch Frequency drop-down list, and then click OK.

Step 11 For snapshot time-based alerts, in the Alert Dispatch area, click Add or Edit to display the Create or Edit Snapshot Alert Dispatch Condition dialog box.

a. In the Alert Dispatch Frequency area, specify the frequency in which to send the information to subscribers:

For monthly subscription, specify the day of the month, as well as the time of the day to send the information. If they are not specified, the adaptive security appliance chooses appropriate values for them.

For weekly subscription, specify the day of the week, as well as the time of the day to send the information. If they are not specified, the adaptive security appliance chooses appropriate values for them.

For daily subscription, specify the time of the day to send the information. If it is not specified, the adaptive security appliance chooses an appropriate value for it.

For hourly subscription, specify the minute of the hour to send the information. If it is not specified, the adaptive security appliance chooses an appropriate value for it. Hourly subscription is only applicable to the snapshot and telemetry alert groups.

For interval subscription, specify how often, in minutes, the formation is sent to the subscribers. This requirement is only applicable to the snapshot alert group.

b. Click OK when you are done.

Step 12 For syslog event-based alerts, in the Alert Dispatch area, click Add or Edit to display the Create or Edit Syslog Alert Dispatch Condition dialog box.

a. Check the Specify the event severity which triggers the dispatch of alert to subscribers check box, and choose the event severity from the drop-down list.

b. Check the Specify the message IDs of syslogs which trigger the dispatch of alert to subscribers check box.

c. Specify the syslog message IDs that trigger dispatch of the alert to subscribers according to the on-screen instructions.

d. Click OK when you are done.

Step 13 For telemetry event-based alerts, in the Alert Dispatch area, click Add or Edit to display the Create or Edit Telemetry Alert Dispatch Condition dialog box.

a. In the Alert Dispatch Frequency area, specify the frequency in which to send the information to subscribers:

For monthly subscription, specify the day of the month, as well as the time of the day to send the information. If they are not specified, the adaptive security appliance chooses appropriate values for them.

For weekly subscription, specify the day of the week, as well as the time of the day to send the information. If they are not specified, the adaptive security appliance chooses appropriate values for them.

For daily subscription, specify the time of the day to send the information. If it is not specified, the adaptive security appliance chooses an appropriate value for it.

For hourly subscription, specify the minute of the hour to send the information. If it is not specified, the adaptive security appliance chooses an appropriate value for it. Hourly subscription is only applicable to the snapshot and telemetry alert groups.

b. Click OK when you are done.


Smart Call Home Monitoring

To monitor the Smart Call Home feature, perform the following steps:

Path
Purpose

Tools > Command Line Interface

Type show call- home detail, then click Send.

Shows the current Smart Call Home detail configuration.

Tools > Command Line Interface

Type show call-home mail-server status, then click Send.

Shows the current mail server status.

Tools > Command Line Interface

Type show smart-call- home profile {profile name | all, then click Send.

Shows the configuration of Smart Call Home profiles.

Tools > Command Line Interface

Type show call-home registered-module all, then click Send.

Shows the registered module status.

Tools > Command Line Interface

Type show smart-call statistics, then click Send.

Shows call-home detail status.

Tools > Command Line Interface

Type show call-home, then click Send.

Shows the current Smart Call Home configuration.

Tools > Command Line Interface

Type show dynamic-filter reports top, then click Send.

Generates reports of the top ten botnet sites, ports, and infected hosts.

Tools > Command Line Interface

Type show dynamic-filter statistics, then click Send.

Shows how many connections were monitored with the Botnet Traffic Filter, and how many of those connections match the whitelist, blacklist, and graylist.

Tools > Command Line Interface

Type show running-config call-home, then click Send.

Shows the current Smart Call Home running configuration.

Tools > Command Line Interface

Type show shun, then click Send.

Shows shun information.

Tools > Command Line Interface

Type show smart-call- home alert-group, then click Send.

Shows the current status of Smart Call Home alert groups.

Tools > Command Line Interface

Type show threat-detection rate, then click Send.

Shows basic threat detection statistics.

Tools > Command Line Interface

Type show threat-detection rate, then click Send.

Show current attackers and targets.

Tools > Command Line Interface

Type show threat-detection shun, then click Send.

Shows currently shunned hosts.

Tools > Command Line Interface

Type show threat-detection statistics, then click Send.

Shows statistics for hosts, ports, and protocols.


Feature History for Smart Call Home

Table 1 lists each feature change and the platform release in which it was implemented. ASDM is backwards-compatible with multiple platform releases, so the specific ASDM release in which support was added is not listed.

Table 1 Feature History for Smart Call Home 

Feature Name
Platform Releases
Feature Information

Smart Call Home

8.2(2)

The Smart Call Home feature offers proactive diagnostics and real-time alerts on the adaptive security appliance, and provides higher network availability and increased operational efficiency.

The following screen was introduced:

Configuration> Device Management> Smart Call Home.