Asset Status

There are two main asset statuses in Cisco Vulnerability Management which are used to filter assets in the Vulnerability Management Explore page: Active and Inactive. By default, only Active assets are shown in the UI and returned using the API. 

Screen_Shot_2020-06-08_at_8.56.29_AM.png

Asset Expiry

Assets will automatically go inactive/expire at the end of the inactivity limit setting. Inactive assets will remain in Cisco Vulnerability Management until the end of the Asset Purge Period Setting.

It is important that the Cisco Vulnerability Management Asset Inactivity Limit Setting is configured so that decommissioned assets change to inactive in Cisco Vulnerability Management after the scanner has not reported them for a period of time.

How Automatic Asset Expiration Works

Using the Asset Setting, a nightly job is run on the Cisco Vulnerability Management platform that will automatically change assets to inactive if they have not been seen in a time period equal to the asset setting. Assets will also automatically change back to Active if the scanner sees them again.

Using the automated processing ensures that assets are added to, and removed from, Cisco Security Risk Scores and reporting in accordance with the Asset Setting rule you have configured. 

Manual status changes

There might be cases where assets need to be removed from the automated processing. For example:

  1. A Reliable Decommissioning process feeds assets to Cisco Vulnerability Management administrators which allows assets to be removed sooner than the Asset Settings.
  2. Asset types are pulled into Cisco Vulnerability Management that are not going to be managed using Cisco Vulnerability Management, such as phone systems, and cameras.
  3. Development assets are scanned less frequently and would be inappropriately changed to inactive based on the Asset Setting. For example, the Asset Setting is 30 days but lab assets are scanned quarterly. 

Asset Status can be manually adjusted using the UI, however assets that have been manually adjusted will no longer be processed in the nightly asset activity processing using the Asset Setting.

Change the status of an Asset

You must have the correct permissions to change the status of an asset.
1. On the Vulnerability Management Explore page, select the checkbox beside the asset that you want to change the status for.
2. Click Set Status.

Screen_Shot_2020-06-08_at_8.47.58_AM.png

 

3. Change the status of the asset. After you change the status, the asset will be on Status Override and the asset status will not change unless it is manually updated again.

View the status of an asset

To view the status of an asset, hover over the icon in the Status column.

Screen_Shot_2020-06-08_at_8.46.35_AM.png

 

Asset Status Summary

There are four possible status settings in Cisco Vulnerability Management:

Screen_Shot_2020-06-04_at_10.17.18_AM.png

For reporting and filter options, assets are considered either Active or Inactive. 

For asset expiry considerations, assets that are manually set will not be included in any automated processing. 

To restore assets to the default status use the Remove Override button under Set Status. 

Finding Manually Overridden Assets

To find which assets have had their status manually set, under Asset Filters, use the Status Set Manually filter.


 Screen_Shot_2020-07-02_at_2.53.21_PM.png

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.