Rule ID
SV-242638r1026048_rule
Version
V2R3
CCIs
CCI-000366, CCI-000539, CCI-000537
If this information is not backed up and a system failure was to occur, the security settings would be difficult to reconfigure quickly and accurately, thus increasing adverse impact of the outage. There are two types of ISE backups: Configuration backup and operational backup. This requirement pertains to the configuration. Since the administrator may forget to immediately backup each time changes are made, a scheduled weekly backup is a best practice and preferred. However, there may be operational impacts for the scheduling option that necessitate immediate backup after configuration changes method be used.
Review the SSP to see the site's network device backup policy. 1. Navigate to Administration >> System >> Backup and Restore. 2. Check the Cisco ISE backup log to verify regular backups are being performed. If configuration and operational backups are not being performed when changes are made and/or scheduled weekly (at a minimum), this is a finding.
1. To configure a repository, navigate to Administration >> System >> Maintenance > Repository. 2. Click "Add". 3. Provide a Repository Name and choose SFTP (recommended) or a secure protocol. Then enter Server Name, Path, User Name, and Password, and click "Submit". The repository must be on another device such as the syslog or SFTP server. On-demand and/or scheduled configuration and operational data backups are as follows: 1. Navigate to Administration >> System >> Backup & Restore. 2. Select "Configuration Data Backup". 3. Provide a Backup Repository Name, Encryption Key, and scheduling information in compliance with SSP. 4. Click "Backup". 5. Repeat steps with Step 2 being the Operational Data Backup option.