Security Lab — software download rules

Rules for handling licensed software downloads and local image storage.

Licensed vendor software must be downloaded by an entitled user from the official vendor portal. Do not share Cisco, Microsoft, Red Hat, or other vendor account passwords with automation agents.

Cisco Downloads

For Cisco partner downloads:

• Sign in to Cisco Software Download in the browser with the entitled account.
• Accept any required license terms directly as the account holder.
• Download only software covered by entitlement and lab rights.
• Move the downloaded files into a local ignored folder.
• Let automation import the local files into EVE-NG or libvirt.

Suggested local location:

/home/ze/codex-security-lab-agent/downloads/

The downloads/ path is intentionally ignored by Git.

Safe Automation Boundary

Automation can safely handle these tasks after the files are local:

• Verify filenames and checksums.
• Move images into EVE-NG template folders.
• Convert formats when licensing permits.
• Build libvirt VM definitions.
• Document image provenance without publishing private download links.
• Track import commands and lab assumptions in Git.

Automation should not:

• Store vendor account passwords.
• Circumvent entitlement checks.
• Publish licensed software images.
• Commit vendor software, private download URLs, or credentials.

Current Cisco Image Status