Re: [fw-wiz] Recommendations on modeler/change manger for PIX & FWSM
- From: Brian Loe <knobdy@xxxxxxxxx>
- Date: Tue, 24 Jan 2006 21:12:13 -0600
> On 1/24/06, Cary, Kim <Kim.Cary@xxxxxxxxxxxxxx> wrote:
> > Been watching the list with interest for about 6 months! Thanks for the good
> > discussion.
> >
> > We have several PIX & FWSM (PIX Blades) our team is managing. We've been
> > using PDM (Cisco's Java tool for managing PIX) for distributed
> > administration, but we've been getting tired of its shortcomings in
> > documenting our rules. Also, we'd like to find something that handles change
> > management (reporting, maybe rollback or state snapshots) and modeling (if
> > traffic from 'here' starts to go 'there' what does the firewall do).
>
I've implemented a perl script and SVN based solution here for
managing config changes - archiving/versioning them. Depending on
where the devices are located in relation to where you run the
scripts from it can wait to receive a trap stating the config has
changed or run from a cron job and go grab it. E-mail me off-list and
I'll give you what I've got.
Can't help with the rest - though you could, in theory, use these
scripts as a basis for creating new configs to upload programmaticly.
The perl modules available are pretty robust.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] Recommendations on modeler/change manger for PIX & FWSM
- From: Avishai Wool
- Re: [fw-wiz] Recommendations on modeler/change manger for PIX & FWSM
- Prev by Date: [fw-wiz] RE: In defense of non standard ports
- Next by Date: Re: [fw-wiz] X server in a Firewall
- Previous by thread: Re: [fw-wiz] Recommendations on modeler/change manger for PIX & FWSM
- Next by thread: Re: [fw-wiz] Recommendations on modeler/change manger for PIX & FWSM
- Index(es):
Relevant Pages
|
|
