AREA |
PCI Auditor Status | Product |
Business Contact |
Technical Contact |
Notes |
Routing |
Pull configs-send in e-mail | ISR |
|
Manu Parbhakar (mparbhak) <mparbhak@cisco.com> |
ISRs installed and configured; Fernando working on installing VSOM 2011-02-25 Talked wit Manu about getting a template config for the integrated wireless of the 891 and 1941 when configuring for multiple vlans |
| | ISR SRE | | John Carney | 2011-02-17 UCS Express installed and working on SRE blade
got this link for installation http://www.cisco.com/en/US/prod/collateral/ps10265/ps11273/installation_guide_c07-640002.html
John Carney also had this link from Tony: http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/sre_v/1.0/user/guide/sre_v.html
|
Switching |
Pull configs-send in e-mail | Catalyst |
|
Bart |
Done 2011-01-27 Upgraded Large store 4507's to Sup7 and R+ chassis. |
Voice |
| Communications Manager | |
Stuart Higgins | 2011-02-10 Upgrading to 8.5, requesting license |
Voice |
NEED TME | Contact Center Enterprise/CVP |
|
|
NEED
Here’s the link for Contact Center Enterprise
8.5 security BP guide
http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_8_5/reference/guide/icm85securty.pdf
Manisha Gupta (manishag) <manishag@cisco.com> is offering to update the systems . 2011-03-01 sent Manisha a reply asking her familiarity with VMWare so I can get her going on this.
|
Wireless |
NEED TME | Wireless controllers, WIPS |
PM-Annette Blum (annblum) Mgr. Suresh Katukam (skatukam) |
Sujit Ghosh (4085267638) Mike Adler Paul Lysander (lysander)4089028990 <lysander@cisco.com> |
2011-01-06 Win2k3 Servers provisioned for WCS and Navigator 2011-01-18 left Sujit a EM/VM asking for status 2011-01-25 Mike brought in Paul to help deploy WCS 2011-01-27 Paul said he has WCS manager installed and he will work with Mike to configure controllers and AP's. As WCS Navigator does not configure controllers or AP's it is just a dashboard we will not install it in the solution at this time. 2011-02-14 Mike has finished adding the controllers and accesspoints to WCS. Worked with Paul today and set up the MSE devices. he will configure and license later today/tomorrow. I sent Sujit an e-mail asking for permanent licenses for my controllers.
no license for the module or option, but shows active. the others were installed, not sure why WCS is not up to date. he thought AAA was all set up. Will set meeting up next week PSK is 12345678
|
DLP |
for messages received how when are they encrypted,how are the keys managed
how is the stored data protected, storage location, encryption/decryption keys how keys protected and managed
What OS, how is the is hardend, whats under the hood.
Auditable events login failure/activity etc what specifically is logged for each level (no CC data)
need to see about Password complexity
does the app write data any where else?
| IronPort https://private.ironport.com/pm/docs/product/#esa http://esawiki.cisco.com/index.php/RSA_Email_DLP
It is not safe to send CC info via e-mail and it drastically expands the scope of where CC data may be. The ironport product helps protect agains stolen CC info from being sent out of the company via e-mail
under network interface: need to disable telnet/http and other non secure protocols that are on by default
should turn off FTP for logs and configure off box logging using SCP to push logs, need 1 years worth of logs.
|
Amanda Holdan |
Raymond Jett (4692556638) |
2011-01-06 All Ironport devices cabled 2011-01-18 Left Mike an EM/VM asking for status, 2011-01-19 received reply asking for more info, answered. I am having issues sending mail out of the retail LAB to Cisco accounts or Internet mail servers. Asked Raymond for ideas to test, he suggested pepin barrameda may have info on a Lab mail Proxy (sent Pepin and email).
NIC Teaming, ESA Active then set up Clustering for the two devices. Then set up Manger to talk to the cluster Set up Smart hosts on the Exchange host - Realy List Add Exchnage to ESA server relay list, May need to set up Outbound relay as well. reciepient access table contains list of domains for e-mail (RAT).
2011-02-11 Set up outside exchange server that can receive mail for test
2011-02-18 Sent e-mail to Raymond asking questions from auditor. |
Security |
| CSM |
|
Tom Hua (4088532718) |
2011-01-06 new Win2k3 Server provisioned 2011-01-18 Left Tom an EM/VM asking for status 2011-01-25 Tom talked to Maria, said he has all he needs and will be done by the end of the week setting up CSM 2011-02-14 Tom has the CSM set up but no devices added yet, he is sending me the info on how to add devices. login is admin/admin He will meet with Christian next week to discuss IDS appliance architecture and if we want to add any.
Do we need a license?
|
Security |
| RSA Authentication Manager/SecureID |
Tim Shea tshea@rsa.com
(781) 515-5112 |
Danny Dhillon
danny.dhillon@rsa.com |
Installed and configured |
Security |
| RSA Key Manager |
Tim Shea tshea@rsa.com
(781) 515-5112 |
Danny Dhillon
danny.dhillon@rsa.com |
Danny coming on site Monday 1/31 to help install KM and enVision appliance 2011-01-31 Installed and configured. set up MDS-DC-1 to use it for key management.
|
VBLOCK |
| EMC SAN and UCS |
Vincent Shan |
Sheri.Spence@vce.com(8172366165) Michael.Dugan@vce.com |
2011-01-18 Left Sheri an EM/VM asking for status, exchanged e-mails about helping remotely and possibly on site Feb 7th. Mike has UIM software update and possible assistance also. Once UIM in installed it will be used to manage and configure vBlock including UCS and VM servers. Hope to be done 1/28
2011-02-25 Installed PowerPath on Vblock ESX hosts C:\Program Files\VMware\VMware vSphere CLI\bin>vihostupdate.pl --server 192.168.41.141 --install --bundle c:\EMCPower.VMWARE.5.4.SP2.b298.zip --username root --password emcuim
|
VBLOCK |
| EMC Ionix UIM |
Brian Kennedy brian.kennedy2@rsa.com
415 250 8839 |
Sheri Spence Sheri.Spence@vce.com(8172366165)
Mike Dugan 914.522.7599 Michael.Dugan@vce.com
|
2011-01-27 about 90% complete, have second call tomorrow to finish configuration with mike. 2011-02-07 UIM provisions and activates the new server but does not add it to vcetner. send Mike and sheri an e-mail asking for next steps 2011-02-14 Still having issue with UIM installing ESX on some servers. sent mike and e-mail asking for help. 2011-02-15 Applied hotfix 1
|
VBLOCK |
| HyTrust |
Eric Chiu echiu@hytrust.com
(650) 681-8111 |
renata budko <rbudko@hytrust.com> VP of Marketing Office : 650 681 8120
Ken Sigel HyTrust Systems Engineer ksigel@hytrust.com office: 650-681-8174 mobile: 650-722-1270 |
2011-01-26 Hytrust appliance installed and configured. 2011-02-10 removed Hytrust appliance and suspended temporarily while troubleshooting vlan/routing issues with DC switches. |
Compute |
| Nexus 1kv and Skywalker |
|
Syed Ghayur |
2011-01-05 N1kv installed on several servers, need to finish provisioning and vlans. neeed to start on Skywalker VSG 2011-01-26 reinstalled N1kv on Servers 22-31 with new version. NEed to start on VSG, Syed provided VoDs. Syed traveiling 1/29-2/7 but may be available via IM
http://bock-bock.cisco.com/wiki/N1KV:Virtual_Security_Gateway
|
Storage |
| MDS |
|
Simone Morellato |
2011-01-05 new Supervisor working and basic configuration 2011-01-27 got second Supervisor for MDS-DC-2 from Repo Depot, upgraded with same version of software as MDS-DC-1, having periodic issue where MDS-DC-2 locks up randomly. May be the card is flakey, Simone may be able to get a replacement on 2/3 |
Compliance/Policy |
| RSA Archer |
Eric Herrera Eric.Herrera@archer-tech.com
(913) 239-1807 |
Genarro Scalo gennaro.scalo@rsa.com
John Carney |
2011-01-18 G will provide software and remote installation assistance in the next week. 2011-02-2 receivded and e-mail with info on downloading the software and an install guide from Eric (License Key: 04C1B0951B04F048181C8964E)
In regards to the installer, you will need to download it from the Archer Community. Note that this is a large size file, so you I can’t attach it. https://community.archer-tech.com/files/folders/installerpackages/entry3748.aspx
If you have not register with the community, please register first. Once you register, then you will be approved and we will provide you with your access credentials. Once this is done, then please proceed to the Download tab.
2011-02-11 John Completed the Application installation of Archer
|
Compliance/Policy |
| RSA enVision |
Brian Kennedy brian.kennedy2@rsa.com
415 250 8839 |
Danny Dhillon 617-309-8094/408.326.4580 <danny.dhillon@rsa.com>
david.broeckelmanpost@rsa.com c. 213.321.7740
David.Valiquette@rsa.com 774-230-2208 |
PO received by RSA 1/25; will ship 1/26 or 1/17; scheduled for installation week of 1/31; alert and report development scheduled for week of 2/14
2011-01-27 Have initial installation scheduled for 1/31with David and Danny Expect appliance to arrive Friday or Monday morning. Did not receive license file for system yet. 2011-01-31 completed install of enVision, need to configure remaining lab devices to point to it, have follow up call 2/2
2011-02-07 Working with RSA Professional Services David.Valiquette@rsa.com have device pretty much fully configured and playing with reports and activity notifications. All looks good to go.
|
Switching |
| Sake |
Vivian Clark? |
Narayanan Krishnamoorthy (narakris) <narakris@cisco.com> |
2011-01-03 3560c Sake switch is in RomMon, sent e-mail trying to get assistance 2011-01-18 found tech contact Narayanan, sent email asking how to fix 3560c 2011-01-27 Sent NK and e-mail asking for SSH software support. 2011-01-28 received and configured updated switches with SSH |
Network Management |
| EMC Ionix NCM |
Vikram Prabhakar (cisco) larry.baird@emc.com
david.marquez@emc.com |
Manuel (Manny) Kamer 917-620-8610 (manuel.kamer@emc.com)
|
2011-01-26 Bart, I’m working on your vm now. Can we meet onsite in your offices on Thurs Feb 3 to complete this activity. I have another Cisco customer to visit earlier in week and I can drive from there to your office 2011-02-03 Installed NCM working with Manny. Products works very well. set up most of devices in the lab for the stores, working on adding Data Center devices. Sent Manny an e-mail asking how to change device class that is auto detected.
2011-04-12 - Still having trouble enabling SNMP - Manny is opening a trouble ticket. 2011-04-22 got SNMP working, but missing source IP address for clients. Sent request for permanent license too Larry replaced David on the team. |
Security |
NEED TME | NAC |
|
Jamey Heary 303-619-7122 |
2011-1-24 Sent Jamey an E-mail asking what he needed provisioned to set up his NAC servers in the Lab Jamie replied to Maria=Jamey needs 5 servers with 100 GB of space and 8 GB of RAM and a Windows XP or 7 host. He can start as early as next week and it will take him about 3 days to complete the work 2011-01-27 re-scheduled Architecture call 2011-01-31 sent lab info to Jamey, he expects to be done this week. 2011-02-07 Set up Windows 7 system for Jamey connected via Ethernet port on SRV-DC-24. If that does not function properly I will install a PC with KVM. 2011-02-14 left VM for Jamey asking for status
|
Physical Security |
| Physical Access Control |
Craig Cotton |
Rekha Krishna rekkrish@cisco.com
W 408 525 2484
M 408 874 5347 |
Access control physically installed; needs configuration; requested 1/5
2011-02-07 Fernando working on setting this up. 2011-02-16 Set up PAM and GW for small store. Added barts badge to reader. http://bock-bock.cisco.com/wiki/PSBU Rekha is looking into problem getting LDAP authentication working. It soed not look like you can delete the default cpamadmin account or the gwadmin accounts on the gateways. the CPAM does support password complexity and timeouts |
Physical Security |
| Video Surveillance |
Craig Cotton |
Greg Varga grvarga@cisco.com W 408 526 5084 Shailesh Deshmukh shadeshm@cisco.com W 408 526 8842 M 5107867030 |
Video surveillance physically installed; needs configuration; requested 1/5 2011-02-01 Fernando is installing Video Surveillance.
2011-02-07 IP'd and placed on VLAN for Fernando the MSP systems in the Data center and large store. |
Network Management | | Cisco LMS |
|
Tejas Shah (LMS) |
2011-02-01 Maria to contact Tejas and see what preliminary system information he needs to set up LMS in the lab
2011-02-07 Since NCM seems to be working so well, decision needs to be made whether we install this duplicate system or remove from PCI validation. No install progress has been started yet. |
|
| |
|
|
|
|
| |
|
|
|