New and Changed Information
Features of Cisco Cyber Vision Release 5.2.x are as follows:
Feature |
Description |
---|---|
Interactive Help |
Cisco Cyber Vision offers contextual help through the Interactive Help feature. The Interactive Help menu offers easy access to a wide range of documentation resources, and to step-by-step walkthroughs of select taskflows. Interactive help is enabled by default. To disable the feature in your Cisco Cyber Vision center, go to Admin > System. The Interactive help plug-in area contains a toggle button for the feature. Cisco may collect some anonymous product usage behavior data in accordance with the Cisco End User License Agreement and the Cisco Privacy Statement for optimal delivery of Interactive Help. |
LDS support for user authentication |
Cisco Cyber Vision Center now supports user authentication through Lightweight Directory Services (LDS). See LDAP. |
Purge multiple VLAN components |
The sbs-db purge-components command is enhanced to allow the removal of multiple components associated with a VLAN. |
CEF support for syslog configuration |
New syslog configurations in the Cisco Cyber Vision Center require use of the Common Event Format (CEF) standard. Exising syslog configurations that use non-CEF message formats are not affected in Cisco Cyber Vision Release 5.2.x. Non-CEF message formats may not be supported in later releases of Cisco Cyber Vision. |
Beta UI |
Cisco Cyber Vision Center offers a beta UI experience, with informative, easy-to-handle dashboards that present data on assets, vulnerabilities, alerts, and organization hierarchies. You can quickly apply data filters to view necessary information. This UI experience is a beta feature. To access the beta UI and its features, write to cv-beta@cisco.com. You will receive the command to enable the Cisco Cyber Vision Beta UI in addition to the existing classic UI. You can also configure functional groups in the beta UI, and assign data sources to organization hierarchies. To configure network definitions, sensors, and PCAPs, you must continue to use the classic UI. The overall task flows of Cisco Cyber Vision are currently spread across the classic and beta UIs, with the beta UI offering enhanced visualization of the center’s data. Beta UI Enhancements See Introduction of the Cisco Cyber Vision Beta Version.
Communications map enhancements: The communications map displays an overview of all the communication events between connected assets. See Explore communication map. The following enhancements are now available:
Cisco Security Risk Score: Cisco Cyber Vision Center now presents a Cisco Security Risk Score for the vulnerabilities displayed. The risk score is based on Cisco Vulnerability Management’s predictive model. In Cisco Cyber Vision, the risk score includes factors of exploitability and dark web activity for topical context about risk severity to help prioritize vulnerability management. See Dashboard for the New UI. Rack slot information for modular PLCs: The asset summary page for modular PLCs includes information on rack slots. For each slot on a modular PLC, the model name, slot type, firmware version, and serial number are displayed. Rerun functional group suggestions: You can regenerate functional group suggestions at any time in the Asset Visibility > <choose an asset> > Communications page. You can rerun asset data at multiple levels to receive specific functional group suggestions:
When you accept a functional group suggestion, existing functional groups may be modified to ensure an asset is part of any one functional group. . Heat maps for alerts: The Alerts page displays a heat map to help you quickly visualise alert trends. The map spans the last 7 days, broken into two-hour segments. Hover over a segment to view the alert count. Enable syslog notification for alert types: You can choose to send syslog notifications to a connected syslog server for an alert type. Syslog notifications are enabled by default for new and existing alert types in your Center. You can choose to disable the notifications in the Alerts page. See Syslog notifications for alert types. Acknowledge vulnerabilities across assets: You can view, acknowledge, or cancel acknowledgment of a vulnerability across multiple assets. . |