Setup for Automatic Sync of Compliance Bug Database

In order to keep the bug database up to date and receive real-time assessments on exposure to software defects and security vulnerabilities, an automated sync can be configured between CVP and https://www.arista.com using a token-based authentication and proxy URL.

Figure 1. Configuring Compliance Settings

The Compliance screen has a compliance section that accepts the following information:

  • An authentication token generated by www.arista.com to enable CVP to keep its bug database up-to-date.
  • Proxy URL to reach the update server at www.arista.com.

This token is generated per user and can be obtained from the user profile screen under the Portal Access section on www.arista.com.

Figure 2. Compliance Portal Access

When this token is provided in the Compliance settings screen, it allows CVP to download the latest version of the https://www.arista.com/en/login file that is available on the Software downloads page.

Note: To leverage automatic updates of the compliance bug database, connectivity to www.arista.com should be ensured from the CVP VM.

The version and release date of the compliance bug database in use can be viewed in the Settings screen under Telemetry Browser > analytics > BugAlerts > update.

Figure 3. Telemetry Browser Screen