Firewall Wizards mailing list archives
Re: Cisco Security Manager clone?
From: Bruce Platt <Bruce () ei3 com>
Date: Fri, 2 May 2008 14:25:19 -0400
-----Original Message----- From: David Blahut [mailto:dablahut () vassar edu] Sent: Friday, May 02, 2008 8:55 AM To: Firewall Wizards Security Mailing List Subject: Re: [fw-wiz] Cisco Security Manager clone? Mike, Take a look at Expect: http://en.wikipedia.org/wiki/Expect I know it can be used to access many devices and make the same config change over and over. That may help automate your needed changes to all your sites.
Hmmmh. The best example of the use of expect in this arena is rancid (http://www.shrubbery.net/rancid/) But, I think rancid is more oriented towards the tracking of changes which have been made and the backing up of existing configurations. Now to include the changing of configs into rancid, that's an idea. But it would take better skills than mine :-( bruce
Good Luck, -d Mike Davis wrote:This is my first posting so be gentle ;-) I have an environment that is all Cisco based firewalls for my edge protection and site to site vpns. I have a little over 100 remote sites running on ASA 5505’s with an AES Tunnel to both the primary (HQ) and secondary (DR ) sites. It is working quite nicely and has been for years now but the problem I have is this… all myremote sitefirewalls are not centrally managed in the sense that I canmake onechange in a console and push it globally to all my remotefirewalls sothat when a change is required, I have to log into each andevery one(I use SSH) and make the changes. I know that Cisco Security Manager will allow me to do thatbut at the100K pricetag I was quoted from Cisco with the blink of aneye… I justcannot put that into my budget. Does anyone know of or can recommend any freeware or low-cost-ware application that will allow me to monitor and make global config changes without having to SSH to each one? The ability to segregate into groups and manage based upon groups would certainly bea plus aswell but not a requirement. Thanks in advance! *Mike Davis*-------------------------------------------------------------- ----------_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Cisco Security Manager clone?, (continued)
- Re: Cisco Security Manager clone? David Blahut (May 02)
- Re: Cisco Security Manager clone? Glenn Crissman (May 02)
- Re: Cisco Security Manager clone? Patrick Giagnocavo (May 02)
- Re: Cisco Security Manager clone? Paul Melson (May 02)
- Re: Cisco Security Manager clone? Sanford Reed (May 02)
- Re: Cisco Security Manager clone? Avishai Wool (May 02)
- Re: Cisco Security Manager clone? Gilles Demarty (May 07)
- Re: Cisco Security Manager clone? John Forrister (May 07)
- Re: Cisco Security Manager clone? Neil Glock (May 07)
- Re: Cisco Security Manager clone? Pietro Bertera (May 07)
- Re: Cisco Security Manager clone? Bruce Platt (May 07)