The Cisco ISE must conduct backups of information system documentation, including security-related configuration files when changes occur or weekly, whichever is sooner.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-242638	CSCO-NM-000330	SV-242638r714224_rule		Low

Description
Information system backup is a critical step in maintaining data assurance and availability. Information system and security-related documentation contains information pertaining to system configuration and security settings. If this information was not backed up and a system failure was to occur, the security settings would be difficult to reconfigure quickly and accurately. Maintaining a backup of information system and security-related documentation provides for a quicker recovery time when system outages occur. This control requires the network device to support the organizational central backup process for user account information associated with the network device. This function may be provided by the network device itself; however, the preferred best practice is a centralized backup rather than each network device performing discrete backups.

Description

Information system backup is a critical step in maintaining data assurance and availability. Information system and security-related documentation contains information pertaining to system configuration and security settings. If this information was not backed up and a system failure was to occur, the security settings would be difficult to reconfigure quickly and accurately. Maintaining a backup of information system and security-related documentation provides for a quicker recovery time when system outages occur. This control requires the network device to support the organizational central backup process for user account information associated with the network device. This function may be provided by the network device itself; however, the preferred best practice is a centralized backup rather than each network device performing discrete backups.

STIG	Date
Cisco ISE NDM Security Technical Implementation Guide	2021-09-27

Details

Check Text ( C-45913r714222_chk )
1. Review the SSP to see the site's network device backup policy. Check the Cisco ISE backup log to verify regular backups are being performed. show backup history 2. Determine if there is a recent history of backups. Verify if the backup history shows either weekly backups or periodic backups. If the Cisco ISE is not configured to conduct backups of system-level information contained in the information system when changes occur, this is a finding.

Check Text ( C-45913r714222_chk )

1. Review the SSP to see the site's network device backup policy. Check the Cisco ISE backup log to verify regular backups are being performed.
show backup history
2. Determine if there is a recent history of backups. Verify if the backup history shows either weekly backups or periodic backups.

If the Cisco ISE is not configured to conduct backups of system-level information contained in the information system when changes occur, this is a finding.

Fix Text (F-45870r714223_fix)
Save changes to the Cisco ISE configuration files data and place the backup in a repository by using the backup command in EXEC mode on the CLI. backup [{backup-name} repository {repository-name} ise-config encryption-key hash\| plain {encryption-key name}]