Notifications

80 views

Description

snmp oid is missing for palo alto and cisco firewall in family release


When attempting to discover specific firewall devices, discovery returning an error with description of: "Failed Exploring CI Pattern, Pattern name: Next Generation Fortinet Network Firewall, To Check Pattern Log Press Here"
ECC Queue returns 127 OIDs for classification. XML file shows SysObjName listed and that this device is a Palo Alto Network Device.

Steps to Reproduce

1. Run quick discovery against Firewall Device.
2. Allow Discovery to run
3. Notice error in probe and mis-classification to a Fortnet Firewall Device. Device is actually a Palo Alto Device

Workaround

1) Discovery and Service Mapping Patterns plugin version 1.0.63 (installed) does not support Palo Alto device.
2) Please update "Discovery and Service Mapping Patterns" plugin to 1.0.65 which introduced pattern for Palo Alto devices, then run a discovery.
    https://store.servicenow.com/sn_appstore_store.do#!/store/application/06a71b1367e4130051c9027e2685ef1e/1.0.65

3) Change the attribute 'Accessible from' for the script include-MakeAndModelJs to 'Accessible from application scope', since this script include is called from the pre-sensor.

4) This change which was performed in MakeAndModelJs is already available in Paris,Orlando,New York Patch 10.

Now Platform customers using the releases Madrid, New York, or Orlando must import the update sets attached to this case (inside the firewall.zip file). This is the only action you need to perform.

The update sets do the following:

• Add the attributes hardware_os and hardware_os_version to the cmdb_ci_ip_firewall table.
• Update the classifier and class attributes of the OOB SNMP System OIDs of the device models belonging to Cisco, Fortinet, Juniper, and Palo Alto. Previously, these models used the OOB classifier Network Firewall. The sets update 10 SNMP system OIDs for Cisco, 45 SNMP system OIDs for Fortinet, 4 SNMP System OIDs for Juniper, and 24 SNMP system OIDs for Palo Alto.
• Updates certain pre-execution script, which needs to be run before the firewall patterns.



Related Problem: PRB1405277

Seen In

SR - IRM - Audit Management - New York 2019 Q3
SR - IRM - GRC Profiles - Madrid 2019 Q2
SR - IRM - GRC Workbench - New York 2019 Q3
SR - IRM - Policy and Compliance - Madrid 2019 Q2
SR - IRM - Risk Management - New York 2019 Q3
SR - ITOM - CMDB CI Class Models - 201907
SR - ITOM - Fundamentals Istanbul Jakarta Kingston r1 - v5.99.6

Fixed In

Paris

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2020-09-17 06:58:12
Published:2020-09-02