Customer File Uploads to Cisco Technical Assistance Center

Customer File Uploads to Cisco Technical Assistance Center

Overview

Cisco provides multiple options to upload information to the Cisco Technical Assistance Center (TAC) to fit customer’s different operating environments. Some of these options are less secure, leading to certain inherent risks. Each option has limitations that should be considered before deciding on an appropriate upload option. The following table summarizes the available upload options, the availability of file encryption, files size limits, and other relevant limitations.


options table


The preferred and most secure option is to use the Support Case Manager (SCM) Java Client File Upload. Files transferred via this option are encrypted in transit and are size constrained to 256 GB. The communication channel between the customer’s computing device and Cisco is encrypted and the information is also immediately linked to the associated Service Request and stored in an encrypted format.

A less preferred and most secure option is using SCM Non-Java File Upload. Files transferred via this option are encrypted in transit. SCM Non-Java File Upload is less preferred because the tool is limited to file transfers of 20 MB or less. The communication channel between the customer’s computing device and Cisco is encrypted and the information is also immediately linked to the associated Service Request and stored in an encrypted format.

Customers can still use the TAC Service Request Tool (TSRT) Java Client File Upload and Non-Java File Upload.

Another option is direct, point-to-point file transfer during a live TAC Cisco WebEx Support Center Session or a TAC Cisco WebEx Meeting Center Session. Cisco WebEx Sessions must be initiated by a Cisco Customer Support Engineer. Files transferred via this option are encrypted in transit and are size constrained to 50 GB. The communication channel between the customer's computing device and Cisco is encrypted. This option is less preferred as the files are not automatically linked to the Service Request and must be manually added to the Service Request and removed by the account owner.

Another option is using file transfer via WebEx Personal Folders. A Cisco Customer Support Engineer will provide instructions on where to upload the file. Files transferred via this option are encrypted in transit and are size constrained to 50 GB. This transfer method does not require a live WebEx Session, so the Cisco Customer Support Engineer will need to be informed once the file is posted to this location. This option is less preferred because the files are not automatically linked to the Service Request and must be manually added to the Service Request and removed by the account owner.

If customers cannot use SCM, TSRT, or a TAC Cisco WebEx session, the least preferred information upload options are via an e-mail message to attach@cisco.com and through the use of File Transfer Protocol (FTP) to ftp.cisco.com/incoming/TAC. Files transferred via e-mail are size constrained to 20 MB. These options do not inherently secure the communication channel between the customer's computing device and Cisco, nor is the information stored securely until it is attached to the customer's Service Request. If either of these alternative options is used, it is incumbent upon the customer to explicitly encrypt the data before it is uploaded. The customer should employ a strong password, and communicate the password used to Service Request Customer Support Engineer owner out-of-band, for example over the telephone or via SCM/TSRT case update.

Support Case Manager Java Client File Upload

The Support Case Manager (SCM) Java Client File Upload is the preferred and most secure upload option. This tool allows customers to create and query Service Requests. Customers can query the history and status of the Service Requests they have opened with the Cisco TAC and update those Service Requests while they are open. The SCM Java Client File Upload feature also allows customers to upload files. These files are attached to the Service Request and will be used by the Service Request Customer Support Engineer owner to help resolve the issue.

Files up to 256 GB in size may be attached to a Service Request. Files are encrypted during upload to Cisco. A Java applet initiates the upload on the client side and encrypts the files while providing the widest interoperability for different browsers and different operating systems.

Note: Java Runtime Environment (JRE) 1.6.0_17 or later is required. Download the latest Java update at www.java.com . Non-Java users can use the SCM Non-Java File Upload to securely transfer multiple files (totaling 20 MB) to Cisco. The SCM Non-Java File Upload is documented later in this document. Additional system requirements and limitations are documented at the following link:
https://www.cisco.com/web/tsweb/sasi/reference/1_0/help.html#browsers

Uploading Files

Complete the following steps to upload files:

Step 1  Use the following link to log in to SCM for Creating New Service Requests or update the Existing Service Requests: https://tools.cisco.com/ServiceRequestTool/scm/mgmt/case.
Step 2  Accept the Java Applet from Cisco.
Step 3  Proceed to the applicable upload options section below:

Upload Option: Uploading While Creating a Service Request

This step allows you to upload files that may help diagnose your problem more quickly.

Note: This step is only available if you selected Diagnose and Fix my Problem or Replace my Product as the support case type.

Complete the following steps to attach files:

Step 1  Click Attach Files or attach (Figure 1).

Figure 1. New Support Case: Attach Files Screen

Fig 1 SCM Attach to new case

Step 2  Select the files to be uploaded. After the files are selected, they will show a status of Upload Pending.
The Type and Description fields in the first row contain a prompt to add more information about the file:

  • Use the Type field to select an attachment type.
  • Use the Description field to provide a brief description of the file.

Step 3  Click OK to upload the files.
Step 4  Once the files show a status of Uploaded, click Next to continue.

Once uploaded, the files are listed in the Attachments area.

Upload Option: Uploading to an Existing Service Request

Complete the following steps to upload files to an existing Service Request:

Step 1  From the Support Case Manager screen, click Attach Files (Figure 2).

Figure 2. Existing Support Case: Attach Files Screen

Fig 2 SCM Attach to existing case

Step 2  Select the files to be uploaded. After the files are selected, they will show a status of Upload Pending.
The Type and Description fields on this screen contain a prompt to add more information about the file:

  • Use the Type field to select an attachment type.
  • Use the Description field to provide a brief description of the file.

Step 3  Click OK to upload these files.

Once uploaded, the files are listed in the Attachments area after a Service Request is created.

Non-Java SCM File Upload

The SCM File Upload feature requires Java Runtime Environment (JRE) 1.6.0_17 or later. Non-Java users can use the Non-Java File Upload to transfer files to Cisco. Files transferred using this option are encrypted in transit. SCM without Java is less preferred because the tool is limited to file transfers of 20 MB or less. The communication channel between the customer's computing device and Cisco is encrypted and the information is also immediately linked to the associated Service Request and stored in an encrypted format.

Uploading Files with the Non-Java File Upload Tool

You can go to the Attach Files section while creating a Service Request or after a Service Request has been created.
Complete the following steps to upload files:

Step 1  Use the following link to log in to SCM for Creating New Service Requests or update the Existing Service Requests: https://tools.cisco.com/ServiceRequestTool/scm/mgmt/case.
Step 2  Click try the non-Java option at the lower right corner of the Attach Files window (Figure 3).

Figure 3. Non-Java File Upload: Attach Files Screen

Fig 3 SCM Non-Java upload

Step 3  Click Choose File on the next Attach Files screen (Figure 4) to upload files to the Service Request. (Up to 5 files totaling 20 MB can be uploaded at once.)

Figure 4. Screen Displayed After Selecting Non-Java Option

Fig 3 SCM Non-Java upload next screen

Step 4   Add the file Type and any required comments to the Description field.
Step 5   Click OK.

Communicate the Password to the TAC Customer Support Engineer

If encrypting attachments, the encrypting password must be shared with the Service Request Customer Support Engineer owner. As a best practice, a method other than that used to upload the file should be used. If an e-mail message or FTP is used to upload the file, the password should be communicated out-of-band by telephone or as a SCM case update as discussed in the Support Case Manager Java Client File Upload section of this document.

TAC Service Request Tool Java Client File Upload

The TAC Service Request Tool (TSRT) Java Client File Upload allows customers to create and query Service Requests. Customers can query the history and status of the Service Requests they have opened with the Cisco TAC and update those Servce Requests while they are open. TSRT Java Client File Upload feature also allows customers to upload files. These files are attached to the Service Request and will be used by the Service Request Customer Support Engineer owner to help resolve the issue.

Files up to 256 GB in size may be attached to a Service Request. Files are encrypted during upload to Cisco. A Java applet initiates the upload on the client side and encrypts the files while providing the widest interoperability for different browsers and different operating systems.

Note: Java Runtime Environment (JRE) 1.6.0_17 or later is required. Download the latest Java update at www.Java.com. Non-Java users can use the TSRT Non-Java File Upload to securely transfer multiple files (totaling 20 MB) to Cisco. The TSRT Non-Java File Upload is documented later in this document. Additional system requirements and limitations are documented at the following link: http://www.cisco.com/web/tsweb/tsrt/system_requirements.html.

Uploading the Files

Complete the following steps to upload files using this method:

Step 1  Search for the Service Request using TSRT at the following link:
https://tools.cisco.com/ServiceRequestTool/query/QueryCaseSearchAction.do

Step 2  Accept the Java Applet from Cisco, and navigate to the Upload Options section, as shown in Figure 5.


Figure 5. Upload Options

Fig 1 Upload options

Step 3 Figure 6 shows the screen that will be displayed.


Figure 6. File Upload

Fig 2 File upload

Select a file to be uploaded by clicking the Browse button and choosing a file from the local directory. 

Step 4 Select the file type under File Type and enter any additional information in the Comments for TAC field.

Step 5  Click the Upload File button to upload the file.

Repeat Steps 4 and 5 for each additional file that will be uploaded.

A message confirming the upload will be displayed, and a notification will be sent to the Service Request Customer Support Engineer owner.

Non Java TSRT File Upload

As mentioned earlier in this document, the TSRT File Upload feature requires Java Runtime Environment (JRE) 1.6.0_17 or later. Non-Java users can use the Non Java File Upload to transfer files to Cisco. Files transferred using this option are encrypted in transit. TSRT without Java is less preferred because the tool is limited to file transfers of 20 MB or less. The communication channel between the customer’s computing device and Cisco is encrypted and the information is also immediately linked to the associated Service Request and stored in an encrypted format.

Uploading the File(s) with Non Java File Upload Tool

Complete the following steps to upload files using this method:

Step 1  Search for the Service Request using TSRT at the following link:
https://tools.cisco.com/ServiceRequestTool/query/QueryCaseSearchAction.do

Step 2 Navigate to the Upload Options section, as shown in Figure 7.


Figure 7. Non Java File Upload Tool

Fig 3 Non Java file upload

Step 3 Click on the Non Java File Upload Tool link, as shown above

Step 4 The following screen will be shown. Use the fields displayed on that page to upload up to three files at one time (totaling 20 MB) to the Service Request.  Additional comments describing each file can be added in the Comments for TAC field.

Figure 8 shows the screen that will be displayed.


Figure 8. Upload New Files

Fig 4 upload new files


TAC Cisco WebEx Support Center and Meeting Center File Transfer

Another option is direct, point-to-point file transfer during a live TAC Cisco WebEx Support Center session or a TAC Cisco WebEx Meeting Center session. Cisco WebEx sessions must be initiated by a Cisco Customer Support Engineer. Files transferred with this option are encrypted in transit and are size-constrained to 50 GB.  The communication channel between the customer’s computing device and Cisco is encrypted. This option is less preferred because the files are not automatically linked to the Service Request and must be manually added to the Service Request and removed by the account owner.

WebEx Personal Folders File Transfer

Another option is using file transfer via WebEx Personal Folders. A Cisco Customer Support Engineer will provide instructions on where to upload the file.  Files transferred with this option are encrypted in transit and are size-constrained to 50 GB.  This transfer method does not require a live WebEx session, so the Cisco Customer Support Engineer will need to be informed once the file is posted to this location. This option is less preferred because the files are not automatically linked to the Service Request and must be manually added to the Service Request and removed by the account owner.

Alternate File Upload Options

If the Support Case Manager (SCM)/TAC Service Request Tool (TSRT) or a TAC Cisco WebEx session cannot be used to upload files, there are alternate upload methods available. Please note that these alternate upload methods are fundamentally insecure and do not encrypt the file or the communication session used to transport the file between the customer and Cisco.
It is incumbent upon the customer to explicitly encrypt the files before they are uploaded using the alternate upload methods. As an additional security best practice, any sensitive information (such as passwords) should be obfuscated or removed from any configuration file or log that is sent over an unsecure channel. The following section describes how to encrypt these files.

Encrypt Files

The following examples show how to encrypt files using three of the many available options such as WinZip, Linux tar and openssl commands, and Linux Gzip and GnuPG. A strong encryption cipher such as AES-128 should be used to properly protect the data. If using ZIP, an application that supports AES encryption must be used. Older versions of ZIP applications support a symmetric encryption system that is not secure and should not be used.

Encrypting Files Using WinZip

For illustrative purposes, this section shows how to encrypt files using the WinZip application. Other applications should provide the same functionality and perform as well as WinZip.

Step 1 Create a ZIP Archive as shown in Figure 9.


Figure 9. Creating a ZIP Archive

Fig 5 Create a Zip

From the WinZip GUI select New and follow the menu prompts to create an appropriately named, new ZIP archive file. The newly created ZIP archive file will appear as shown in Figure 9.

Step 2 Add the file(s) to be uploaded to the ZIP Archive and select the Encrypt added files option as shown in Figure 10.


Figure 10. Encrypt Added Files

Fig 6 Encrypt Added Files

From the main WinZip window, select Add and then select the file(s) that will be uploaded. The Encrypt added files option must be selected as shown in Figure 10.

Step 3 Encrypt the file using the AES encryption cipher and a strong password.


Figure 11. Encrypt the File

Fig 7 Encrypt the File

Selecting Add from the file selection window will open the Encrypt window. An appropriate strong password should be created. This password will be shared with the Service Request Customer Support Engineer owner as discussed later in this document. One of the AES Encryption methods should be selected as shown above.

Step 4 Verify that the file is encrypted. Figure 12 shows the screen that will be displayed.


Figure 12. Verify Encryption

Fig 8 Verify Encryption


Selecting OK in the Encrypt window will encrypt the file(s) and display the main WinZip window. Encrypted files are marked with an asterisk following the file name or a lock icon in the Encryption column as shown above.

Encrypting Files Using Tar and OpenSSL

For illustrative purposes, this section shows how to encrypt files using the Linux command line tar and openssl commands. Other archive and encryption commands should provide the same functionality and perform just as well under Linux or Unix.

Step 1 Create a tar archive of the file and encrypt it through OpenSSL using the AES cipher and a strong password as shown in the example below.



[user@linux ~]$ tar cvzf - Data_for_TAC.dat | openssl aes-128-cbc -k Str0ng_passWo5D | 
                dd of=Data_for_TAC.aes128 Data_for_TAC.dat 60+1 records in 60+1 records out

The above command output shows the combined tar and openssl command syntax to encrypt the file(s) using the AES cipher.

Encrypting Files Using Gzip and GnuPG

For illustrative purposes, this section shows how to encrypt files using the Linux command line Gzip and GnuPG commands. Other archive and encryption commands should provide the same functionality and perform just as well under Linux or Unix. Step 1: Compress the file using Gzip as shown in the example below

Step 1 Compress the file using Gzip as shown in the example below
Step 2 Encrypt the file through GnuPG using the AES cipher and a strong password as shown in the example below
Step 3 Enter and confirm the strong password at the Enter passphrase prompt as shown in the example below


[user@linux ~]$ gzip -9 Data_for_TAC.dat     Step 1
[user@linux ~]$ gpg –cipher-algo AES –armor –output Data_for_TAC.dat.gz.asc 
               –symmetric Data_for_TAC.dat.gz Step 2 Enter passphrase: Step 3 Repeat passphrase: Step 3

The above command output shows using the gzip and gpg command syntax to encrypt the file(s) using the AES cipher.

E-mail File Attachment Upload

Once the files are encrypted, if the customer is unable to utilize the Support Case Manager (SCM)/TAC Service Request Tool (TSRT) or a TAC Cisco WebEx session, additional information can be added to the Service Request by sending the information via an e-mail message to attach@cisco.com with the Service Request number in the subject line of the message (for example, SUBJECT = SR xxxxxxxxx).  Attachments are limited to 20 MB per e-mail update. Attachments submitted using e-mail messages are not encrypted in transit, but are stored in an encrypted format when they are linked to the Service Request. It is incumbent upon the customer to explicitly encrypt the data before transit.

Send the file attached to the e-mail message to attach@cisco.com as shown in Figure 13.


Figure 13. Send the File

Fig 9 email the fie


For illustrative purposes, the above output shows a Microsoft Outlook e-mail with an encrypted ZIP file attachment, the correct To address, and a properly formatted Subject. Other email clients should provide the same functionality and perform just as well as Microsoft Outlook.

Uploading Files Using the FileZilla FTP Client

Cisco strongly recommends the use of an FTP client that supports TLS/SSL. FTP clients are specifically designed for file transfers and more importantly, are the only method that currently supports TLS/SSL encryption. SSL encryption is required to ensure the user ID, password, and data is encrypted in transit.

There are many FTP clients available, but this example uses FileZilla because it is widely used and freely available. The FileZilla FTP client can be downloaded from the following link: https://filezilla-project.org/download.php.

  • Step 1   Download and install the FTP FileZilla client.
  • Step 2   Launch a new FileZilla FTP session.

Figure 14. FileZilla FTP Session

FileZilla FTP Session

  • Step 3   Select Port 990 as the SSL port. (This port should be used to transfer sensitive data to ftp.cisco.com.)
  • Step 4   Click the File menu and select Site Manager to connect to ftp.cisco.com and perform the file transfer.

Figure 15. Connecting to Cisco Using Site Manager

Connecting to Cisco Using Site Manager

  • Step 5   In the Site Manager screen, select the Advanced tab to specify the following details:
    • Host Name = ftp.cisco.com
    • Port = 990
    • Protocol = FTP- File Transfer Protocol
    • Encryption method = Require explicit FTP over TLS
    • Select one Logon Type:
      Anonymous = anonymous login.
      Normal = login using CCO cisco.com User ID and password

Figure 16. Selecting a Logon Type

Selecting a Logon Type

  • Step 6   Accept the certificates when presented with the pop-up.
    Note: If a mismatched certificate warning displays, you may ignore it as long as the host you connect to is within the *.cisco.com domain. The warning message happens because the certificate presented to the client is for the global virtual Cisco Download site. However, the connection is made to a host in a server farm with a different name than the one on the certificate.

Figure 17. Mismatched Certificate Warning

Mismatched  Certificate Warning

  • Note:  Anonymous users and users logging in with a CCO account will be unable to list the contents of the /incoming directory.  However, you can still change into the /incoming/TAC directory to upload a file. 
  • Please remember the following when uploading files:
    • The only directory an Anonymous user or CCO user can see is the public directory /pub.
    • Anonymous users cannot list the contents of the /incoming directory or any of its subdirectories, including /incoming/TAC.
    • Anonymous and CCO users can change into the /incoming/TAC directory and upload a file there.
    • The following screen shots provide more details about the preceding steps:

Figure 18. Logging in as an Anonymous User

Logging in as an Anonymous User

Figure 19. The only directory an Anonymous user or CCO user can see is the public directory /pub.

public directory pub

Figure 20. Anonymous users cannot list the contents of the /incoming directory or any of its subdirectories, including /incoming/TAC.

cannot list the contents of the incoming directory

Figure 21. Anonymous and CCO users can change into the /incoming/TAC directory and upload a file.

change into the incoming TAC directory

change into the incoming TAC directory result

 

Uploading Files Using Internet Explorer

  • Users are strongly encouraged to use an FTP client such as FileZilla. An FTP client supports TLS/SSL and will ensure the user ID and password data are encrypted and secure in transit.
  • Any data transmitted using the Microsoft Internet Explorer (IE) browser will not be encrypted as it does not support FTP over SSL.
  • If you must use a browser, you should log in anonymously instead of using your CCO (cisco.com) account to protect your CCO credentials.
  • It is important to note that even if you connect to the FTP server's SSL port 990 with IE, the connection will not be encrypted.
  • Step 1  Launch a new browser window in Internet Explorer.
  • Step 2  From the Tools menu, select Internet Options.

Figure 22. Tools Menu

Tools menu

  • Step 3   In the Internet Options window, click the Advanced tab.
  • Step 4  Check the boxes for Use Passive FTP (for firewall and DSL modem compatibility) and Enable FTP folder view (outside of Internet Explorer) as shown in the following figure.

Figure 23. Advanced Tab Options

Advanced Tab Options   Advanced Tab Options

  • Step 5   Click OK.
  • Step 6  In the address bar, type the url ftp://ftp.cisco.com/ to get to the ftp.cisco.com page.

Figure 24. Navigating to Cisco via FTP

Navigating to Cisco via FTP

  • Step 7   Log in as an Anonymous user to change into the /incoming/TAC directory.
  • Step 8   To get the login prompt, click the View tab and select Open FTP site in Windows Explorer. This will open ftp.cisco.com in a new window.

Figure 25. ftp.cisco.com Window

ftp.cisco.com Window

  • Step 9   Right-click the Windows Explorer window and select the Login As option to log in.

Figure 26. Login As Option

Login As Option

  • Step 10   In the next window that pops up, log in as an anonymous user:

Figure 27. FTP Log On Window

FTP Log On Window
Note: In the preceding screen shot, there is a warning that FTP does not encrypt passwords before sending them to server. This means IE does not support FTP over SSL. To ensure SSL encryption, you must use an FTP client such as FileZilla.

  • Step 11   Change into the /incoming/TAC directory from the address bar to upload a file to /incoming/TAC.
  • You will receive an error message stating you are prohibited from listing the files under /incoming/TAC, which is expected behavior. However, you can still upload files to the ftp.cisco.com/incoming/TAC folder by copying the file from the desktop and pasting it into the FTP window in Windows Explorer.

Figure 28. /incoming/TAC Directory

incoming TAC directory

  • Step 12   Copy the target file from the local desktop and paste it into the FTP Windows Explorer location. This step uploads the file to ftp.cisco.com/incoming/TAC.

Uploading Files Using Firefox

  • Users are strongly encouraged to use an FTP client such as FileZilla. An FTP client supports TLS/SSL and will ensure the user ID and password data are encrypted and secure in transit.
  • Any data transmitted using the Mozilla Firefox browser will not be encrypted as it does not support FTP over SSL.
  • If you must use a browser, you should log in anonymously instead of using your CCO (cisco.com) account to protect your CCO credentials.
  • It is important to note that even if you connect to the FTP server's SSL port 990 with Firefox, the connection will not be encrypted.
     
  • Step 1   Launch a new Firefox browser.
  • Step 2   Select Tools > Add-ons.
  • Step 3   Search for the fireftp add-on and click Install.

Figure 29. Add-Ons Selection Screen

Add-Ons Selection Screen

  • Step 4   After installing, you should be prompted to restart Firefox.

Figure 30. Restart Prompt

Restart Prompt

  • Step 5   Verify the installation by clicking Tools > Add-ons > Extensions.

Figure 31. Verifying Add-ons

Verifying Add-ons

  • Step 6   Login as an anonymous user to ftp.cisco.com.
  • Step 7   Open a new browser window and type the url ftp://ftp.cisco.com/
  • Step 8   Right-click and select the option View this page in FireFtp

Figure 32. Right-Click Options from ftp.cisco

Right-Click Options from ftp.cisco

  • Step 9   Click Edit and check the option box for Anonymous.
  • Step 10   Click Save Temporary account and connect again.

Figure 33. Saving Account Information

Saving Account Information

Figure 34. Pub Folder

Pub Folder

  • Step 11   To upload files to the TAC directory, change into the /incoming/TAC subdirectory.
  • Step 12   Select a file from the local disk and click Upload.

Figure 35. Selecting a File to Upload

Selecting a File to Upload

Uploading Files Using the Command-Line Interface FTP Client

Neither the MAC OSX command-line interface (CLI) FTP client nor the Windows CLI FTP client support FTP TLS/SSL, so even if you connect to the FTP SSL port 990 with these clients, the connection will not be encrypted.

Users are strongly encouraged to use an FTP client such as FileZilla, which supports FTP over SSL and will ensure their user ID, passwords, and data are secured in transit.

If you use a Windows or Mac command-line FTP client, you should log in as an anonymous user instead of using your CCO (cisco.com) account to protect your credentials. 

  • Step 1   Open a terminal session and issue the following command: ftp ftp.cisco.com

Figure 36. Terminal Session to Access ftp.cisco.com

 Terminal Session to Access ftp.cisco.com

  • Note:  After you log in as an anonymous user, you will only be able to see the /pub directory.

Figure 37. Command Window

Command Window

  • Step 2   Issue the command cd /incoming/TAC to change into the /incoming/TAC directory. You will not be able to list the contents of the directory; however, you can upload a file to this directory.

The following steps occur during the upload process:

  • The user issues the commands to change to the /incoming/TAC directory. 
  • The user attempts to list the contents of the directory, which results in a permission denied error. 
  • The user is able to upload a file.

Figure 38. Final Window During a File Upload

Final Window During a File Upload

 

Communicate the Password to the TAC Customer Support Engineer

If encrypting attachments, the encrypting password must be shared with the Service Request Customer Support Engineer owner. As a best practice, a method other than that used to upload the file should be used. If an e-mail message or FTP is used to upload the file, the password should be communicated out-of-band by telephone or as a SCM/TSRT case update as discussed in the Support Case Manager Java Client File Upload or the TAC Service Request Tool Java Client File Upload section of this document.

Customer File Retention

For the duration a Service Request is open, and for a period up to 18 months following the final closure of a Service Request, all files are instantly accessible from within the Service Request tracking system to authorized Cisco personnel.  After a period of 18 months from final closure, the files may be moved to an archival storage instance to conserve space, but they are not purged (deleted) from the Service Request history.

At any time, an authorized customer contact can expressly request a specific file be purged from a Service Request. Cisco can then delete that file, and a case note is added to document the party who deleted the file, the time and date stamp, and the name of the deleted file. Once a file is purged in this manner, it cannot be recovered.

Files uploaded to TAC FTP folder will be retained for 4 days. The Service Request Customer Support Engineer owner will need to be informed when a file is uploaded to this folder. The Customer Support Engineer should back up the files within 4 days by attaching them to the service request.

Summary

As shown above, multiple options exist for customers to upload information to Cisco TAC to assist in the resolution of Service Requests.Some of these options are less secure, leading to certain inherent risks. Each option has limitations that should be considered before deciding on an appropriate upload option.

  1. The preferred and most secure option is to use the SCM Java Client File Upload. Files transferred with this option are encrypted in transit and are size-constrained to 256 GB.  The communication channel between the customer’s computing device and Cisco is encrypted and the information is also immediately linked to the associated Service Request and stored in an encrypted format.
  2. A less preferred but most secure option is using the SCM Non-Java File Upload. Files transferred via this option are encrypted in transit. The SCM Non-Java File Upload is less preferred because the tool is limited to file transfers of 20 MB or less. The communication channel between the customer’s computing device and Cisco is encrypted and the information is also immediately linked to the associated Service Request and stored in an encrypted format.
  3. Customers can still use the TAC Service Request Tool (TSRT) Java Client File Upload and Non-Java File Upload.
  4. Another option is direct, point-to-point file transfer during a live TAC Cisco WebEx Support Center session or a TAC Cisco WebEx Meeting Center session. Cisco WebEx sessions must be initiated by a Cisco Customer Support Engineer. This option is less preferred because the files are not automatically linked to the Service Request and must be manually added to the Service Request and removed by the account owner.
  5. Another option is using file transfer via WebEx Personal Folders. A Cisco Customer Support Engineer will provide instructions on where to upload the file.  This transfer method does not require a live WebEx Support Center or Meeting Center session, so the Cisco Customer Support Engineer will need to be informed when the file is posted to this location. This option is less preferred because the files are not automatically linked to the Service Request and must be manually added to the Service Request and removed by the account owner.
  6. If customers cannot use SCM, TSRT, or a TAC Cisco WebEx session, the least preferred information upload options are using an e-mail message sent to attach@cisco.com and through the use of FTP to ftp.cisco.com/incoming/TAC. These options do not inherently secure the communication channel between the customer’s computing device and Cisco, nor is the information stored securely until it is attached to the customer’s Service Request. The files are not automatically linked to the Service Request and must be manually added to the Service Request, so the Cisco Customer Support Engineer will need to be informed when a file is uploaded to the TAC FTP folder.
    • If either of these alternative options is used, it is incumbent upon the customer to explicitly encrypt the data before it is uploaded.
    • The customer should also communicate the strong password used to encrypt the information out-of-band, for example, over the telephone or via SCM or TSRT case update, to the Service Request Customer Support Engineer owner.
  7. For the duration a Service Request is open, and for a period up to 18 months following the final closure of a Service Request, all files are instantly accessible from within the Service Request tracking system to authorized Cisco personnel. 
    • After 18 months the files may be moved to archival storage
    • At any time, an authorized customer contact can expressly request a specific file be purged from a Service Request.
    • Files in the FTP folder are retained for only 4 days.

Additional Information

Accessing Cisco Technical Services
Cisco Worldwide Support Contacts
Cisco Technical Services Resource Guide
TAC Service Request Tool -- New Request
TAC Service Request Tool -- My Requests
TSRT System Requirements and Limitations
Cisco Blog > Security > NCSAM Tip #3: What You Should Consider to be a Secure Password
WebEx - Cisco Systems
The GNU Privacy Guard
The OpenSSL Project
WinZip


This document is part of Cisco Security Intelligence Operations.

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. Cisco reserves the right to change or update this document at any time.

Back to Top

Cisco Security Intelligence Operations