Create a Configuration Group Profile that includes a Cyber Vision feature to enable network visibility and security monitoring capabilities across your SD-WAN or SD-Routing infrastructure.
Configuration Group Profiles with Cyber Vision features provide enhanced network monitoring and security capabilities. This configuration enables you to deploy consistent Cyber Vision settings across multiple devices in your network.
Before you begin
On the page, choose either
as the solution type.
Follow these steps to create a Configuration Group Profile with a Cyber Vision feature:
Procedure
|
1. |
From the Cisco SD-WAN Manager menu, choose . |
|
2. |
Create and configure a Cyber Vision feature in an Other profile.
-
Enter a name and description for the feature.
Table 2.
Name and Description
| Field |
Description |
| Name |
Name for the Cisco Cyber Vision Center. |
| Description |
Optionally, add a description. |
-
Configure the base configuration fields.
Table 3.
Base Configuration
| Field |
Description |
| Cyber Vision Center |
From the drop-down list, choose a Cisco Cyber Vision Center connection from the list of previously configured connections. Refer to Configure a Connection to a Cisco Cyber Vision Center in the Network Hierarchy. |
| Monitoring Source Interface |
Click Add and enter the interface for the device to use for monitoring traffic. Your choice depends on your network and the traffic that you want the device to monitor. Examples: VLAN interface, cellular interface, WAN interface |
-
The Advanced Configuration area appears only if you are configuring a Cyber Vision feature for the SD-WAN solution option. It does not appear for the SD-Routing solution option. The fields in this area are preconfigured to use variables that enable you to enter device-specific information for each device when deploying the configuration group. See Deploy a configuration group with a Cisco cyber vision feature. But you can configure global device values instead of using the variables.
Table 4.
Advanced Configuration
| Field |
Description |
| Capture Interface IP |
IP address of the interface that captures the traffic for analysis. |
| Capture Interface Subnet Mask |
Subnet mask for the interface that captures the traffic for analysis. |
| Collection Interface (Sensor to Center) IP |
Enter an IP address for the collection interface that sends the captured traffic to Cisco Cyber Vision Center. Ensure that the IP address is within the subnet mask defined in the Collection Interface Subnet Mask field.
Note
For each device connecting to Cisco Cyber Vision Center through the same service VPN, enter a unique collection interface IP address.
It is necessary for each interface within a single service VPN to use a unique IP address.
To view the service VPN configured for communication with Cisco Cyber Vision Center, see Configure a Connection to a Cisco Cyber Vision Center in the Network Hierarchy.
|
| Collection Interface Subnet Mask |
Subnet mask for the collection interface that sends the captured traffic to Cisco Cyber Vision Center. The subnet mask defines an address space for the service VPN used for communication between device and Cisco Cyber Vision Center. |
| VPG5 (Virtual Port Group) IP Address |
IP address within the subnet mask defined in the Collection Interface Subnet Mask field. This is an address with the same network as the collection interface.
Note
For each device connecting to Cisco Cyber Vision Center through the same service VPN, enter a unique VPG5 IP address.
It is necessary for each interface within a single service VPN to use a unique IP address.
|
| VPG6 (Virtual Port Group) IP Address |
This field is preset and not configurable. |
|
You have successfully created a Configuration Group Profile with a Cyber Vision feature that can be deployed to devices in your network.