Educause Security Discussion mailing list archives

Re: Network config monitoring and auditing software


From: Scott Beardsley <scott () CSE UCDAVIS EDU>
Date: Mon, 14 Sep 2009 17:36:58 -0700


Our environment is largely Cisco.  The firewalls are Cisco ASAs with a
couple of older Cisco PIX firewalls still in service.  Core switches are
Cisco with some Foundry/Brocade devices at the edge.

We are about to start a project to build such a system[0]

On a somewhat related note, I attended a talk here at UC Davis about
auditing firewall rules. It was very interesting and a useful product
came out of the research (GPL nonetheless). You might want to have a
look at FIREMAN[1]. They mentioned supporting iptables, pix, and pf but
I don't see mention of pf on that page.

Scott
-----------
[1] http://www.ece.ucdavis.edu/rubinet/fireman.html
