Questions about statements in the CTA FAQ - related to NSM
In the Capture Threat Assessment Report FAQ (https://www.sonicwall.com/support/knowledge-base/sonicwall-capture-threat-assessment-cta-2-0-faq/200810083007127/) I am curious about the following statements:
3. How is this report provided by SonicWall?
Report can be directly from SonicOS firewall GUI. The user navigates to Capture Threat Assessment page view and generate the report. In this mode, previous reports are saved in the cloud and displayed as a table for the user.
18. Can CTA 2.0 be generated from MySonicwall portal?
CTA 2.0 report can only be generated from Firewall UI or CSC-MA/GMS.
First, based on 18, can someone tell me how to access the CTA report via CSC-MA? I have gone through what I think is every top tab icon and each left tab list and cannot see any reference to accessing the CTA report.
Second, and this links to a previous NSM discussion I started. If the only way to access this report is via the device's GUI, then is doing that going to cause the firewall to become "unmanaged" in NSM, forcing additional steps to recover the device?
Hi @Larry We have a KB article getting ready for generating CTA 2.0 report on CSC-MA. In the meanwhile let me share the details with you. NSM does not support CTA 2.0 at the moment. We will plan to answer this in the upcoming NSM releases.
CSC-MA 1.7.3 support generation of CTA 2.0 report. Below are the steps for CSC-1.7.3 for having CTA report.
@TIJU , so just to confirm.
You're telling me I have to wait for an interim version of CSC-MA to be released. Meaning the cloud has to go from 1.7.1 to 1.7.3 before this feature is available?
And then - once my clients' sites are migrated to NSM - I'm going to have to wait AGAIN for this functionality to make it from the roadmap to the cloud?
But throughout these indeterminate time frames, the lengths of which SonicWall will never acknowledge, I will be able to log in locally to the device and manually generate the report?
Hi @Sanjay Please comment on NSM availability
Hi @Larry Yes , you can always login to Firewall UI running 184.108.40.206-83n and above and generate CTA 2.0 report directly.