Firewall Wizards mailing list archives
Re: Cisco Security Manager clone?
From: "Glenn Crissman" <gwcrissman () gmail com>
Date: Fri, 2 May 2008 00:34:29 -0400
Check out Kiwi Cat Tools. I've used it for a while now and found it to be quite helpful in a situation like yours. I manage a network with 67 ASA 5505 firewalls in remote offices connected back to a central ASA 5520 via IPSec VPN. Kiwi works very well to push mass changes to these devices in minutes, and has a nice handy feature in that you can schedule it to automatically back up your configs to your management server for safe keeping. Kiwi is by no means a replacement for CSM but it does a pretty good job. It will interface to the devices via Telnet, SSH, etc. I personally interface to my devices via SSH but your mileage and requirements may vary. It also supports a wide variety of other Cisco devices - switches, routers, etc. Licensing is by device count. If I recall correctly you can download an eval copy of it and it will manage a small set of devices fully functional so you can try it out and see if it works for what you need. Hope this helps. Good luck! On Wed, Apr 30, 2008 at 11:01 AM, Mike Davis <mdavis () gsp net> wrote:
This is my first posting so be gentle ;-) I have an environment that is all Cisco based firewalls for my edge protection and site to site vpns. I have a little over 100 remote sites running on ASA 5505's with an AES Tunnel to both the primary (HQ) and secondary (DR ) sites. It is working quite nicely and has been for years now but the problem I have is this… all my remote site firewalls are not centrally managed in the sense that I can make one change in a console and push it globally to all my remote firewalls so that when a change is required, I have to log into each and every one (I use SSH) and make the changes. I know that Cisco Security Manager will allow me to do that but at the 100K pricetag I was quoted from Cisco with the blink of an eye… I just cannot put that into my budget. Does anyone know of or can recommend any freeware or low-cost-ware application that will allow me to monitor and make global config changes without having to SSH to each one? The ability to segregate into groups and manage based upon groups would certainly be a plus as well but not a requirement. Thanks in advance! *Mike Davis* _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Cisco Security Manager clone? Mike Davis (May 01)
- Re: Cisco Security Manager clone? Alex Nobre (May 02)
- Re: Cisco Security Manager clone? Chris Myers (May 02)
- Re: Cisco Security Manager clone? David Blahut (May 02)
- Re: Cisco Security Manager clone? Glenn Crissman (May 02)
- Re: Cisco Security Manager clone? Patrick Giagnocavo (May 02)
- Re: Cisco Security Manager clone? Paul Melson (May 02)
- Re: Cisco Security Manager clone? Sanford Reed (May 02)
- Re: Cisco Security Manager clone? Avishai Wool (May 02)
- Re: Cisco Security Manager clone? Gilles Demarty (May 07)
- Re: Cisco Security Manager clone? John Forrister (May 07)
- Re: Cisco Security Manager clone? Neil Glock (May 07)
- Re: Cisco Security Manager clone? Pietro Bertera (May 07)
- <Possible follow-ups>
- Re: Cisco Security Manager clone? Bruce Platt (May 07)