Educause Security Discussion mailing list archives
Re: Network config monitoring and auditing software
From: Paul Keser <pkeser () STANFORD EDU>
Date: Mon, 14 Sep 2009 15:54:19 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have been playing around with Nipper. In fact I am giving a presentation on it Wednesday at SecureWorld Bay Area... It is no longer Open Source but there is a free license for non-commercial use so you can try it before you buy. Also they offer 1/2 price on licenses for .edu's http://www.titania.co.uk They support ~30 different firewalls and routers. I have tried it on Netscreen and Cisco ASA configs. Being a former firewall engineer one thing I really like is you don't need to touch the firewall. You can point the script at your saved configs and don't have to worry about affecting the performance of the firewall. - -PaulK Paul Keser Assoc. Information Security Officer Stanford University 650.724.9051 GPG Fingerprint: DBA3 E20F CE91 28AA DA1C 4A77 3BD9 C82D 2699 24FB Kevin Halgren wrote:
We're looking at software to help with monitoring and auditing changes to firewall and switch configurations. I'd be interested to hear what others out there are using, how happy you are with the product, and any additional functionality your product has that you have found useful. I'd also be interested in products that have a broad range of interoperability with different vendor products. Our environment is largely Cisco. The firewalls are Cisco ASAs with a couple of older Cisco PIX firewalls still in service. Core switches are Cisco with some Foundry/Brocade devices at the edge. Thanks, Kevin
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkquyZoACgkQO9nILSaZJPs0AwCgjSBWSJOL/bu7nXbWd+sNzRsl ho0An2FjVa1JterRRm+BNGYtP5Ofys7M =h6G3 -----END PGP SIGNATURE-----
Current thread:
- Network config monitoring and auditing software Kevin Halgren (Sep 14)
- <Possible follow-ups>
- Re: Network config monitoring and auditing software Jason Chambers (Sep 14)
- Re: Network config monitoring and auditing software Brad Judy (Sep 14)
- Re: Network config monitoring and auditing software Spransy, Derek (Sep 14)
- Re: Network config monitoring and auditing software Avdagic, Indir (Sep 14)
- Re: Network config monitoring and auditing software Kevin Garrett (Sep 14)
- Re: Network config monitoring and auditing software Paul Keser (Sep 14)
- Re: Network config monitoring and auditing software Greg Vickers (Sep 14)
- Re: Network config monitoring and auditing software Scott Beardsley (Sep 14)
- Re: Network config monitoring and auditing software Timothy Hayes (Sep 14)
- Re: Network config monitoring and auditing software Justin Azoff (Sep 14)
- Re: Network config monitoring and auditing software Dexter Caldwell (Sep 15)
- Re: Network config monitoring and auditing software Kevin Halgren (Sep 21)