Educause Security Discussion mailing list archives

Re: Network config monitoring and auditing software

From: "Spransy, Derek" <DSPRANS () EMORY EDU>
Date: Mon, 14 Sep 2009 15:44:09 -0400

OSSEC added agentless integrity monitoring support in version 2.0 specifically for some network devices.  In fact, they 
have a module that's written to monitor Cisco PIX devices.  I've never used the feature (I only use OSSEC for 
Windows/Linux hosts), but OSSEC is free and a great HIDS.

http://www.ossec.net/dcid/?p=158

-Derek

===========================
Derek Spransy
IT Security Lead
Emory College of Arts & Sciences
derek.spransy () emory edu
404-712-8798
===========================




-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin 
Halgren
Sent: Monday, September 14, 2009 2:50 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Network config monitoring and auditing software

We're looking at software to help with monitoring and auditing changes
to firewall and switch configurations.  I'd be interested to hear what
others out there are using, how happy you are with the product, and any
additional functionality your product has that you have found useful.
I'd also be interested in products that have a broad range of
interoperability with different vendor products.

Our environment is largely Cisco.  The firewalls are Cisco ASAs with a
couple of older Cisco PIX firewalls still in service.  Core switches are
Cisco with some Foundry/Brocade devices at the edge.

Thanks,

Kevin

--
Kevin Halgren
Assistant Director - Systems and Network Services
Washburn University
(785) 670-2341
kevin.halgren () washburn edu

This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information.  If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).

Current thread:

Network config monitoring and auditing software Kevin Halgren (Sep 14)
- <Possible follow-ups>
- Re: Network config monitoring and auditing software Jason Chambers (Sep 14)
- Re: Network config monitoring and auditing software Brad Judy (Sep 14)
- Re: Network config monitoring and auditing software Spransy, Derek (Sep 14)
- Re: Network config monitoring and auditing software Avdagic, Indir (Sep 14)
- Re: Network config monitoring and auditing software Kevin Garrett (Sep 14)
- Re: Network config monitoring and auditing software Paul Keser (Sep 14)
- Re: Network config monitoring and auditing software Greg Vickers (Sep 14)
- Re: Network config monitoring and auditing software Scott Beardsley (Sep 14)
- Re: Network config monitoring and auditing software Timothy Hayes (Sep 14)
- Re: Network config monitoring and auditing software Justin Azoff (Sep 14)
- Re: Network config monitoring and auditing software Dexter Caldwell (Sep 15)
- Re: Network config monitoring and auditing software Kevin Halgren (Sep 21)