Text only | Text with Images

Networking-Forums.com

Professional Discussions => Routing and Switching => Topic started by: dlots on July 16, 2015, 06:05:33 PM

Title: config manager that will do alerts?
Post by: dlots on July 16, 2015, 06:05:33 PM
I am looking for a config manager that will compare the configs and alert me if there are changes made,  I know Cisco Works and Solarwinds can do this, I was just hoping for something cheaper.  Rconfig looks really cool but doesn't look like it does the compare or alert thing.
Title: Re: config manager that will do alerts?
Post by: dlots on July 16, 2015, 06:11:52 PM
Seems RANCID does this also
Title: Re: config manager that will do alerts?
Post by: Otanx on July 16, 2015, 10:04:08 PM
RANCID does it very well, free, and is easy to setup (if you are comfortable with Linux).

-Otanx
Title: Re: config manager that will do alerts?
Post by: wintermute000 on July 16, 2015, 10:05:02 PM
a few years ago Kiwi Cattools was popular in mid-market if you want windows/GUI
rancid FTW
Title: Re: config manager that will do alerts?
Post by: DanC on July 17, 2015, 08:58:23 AM
Quote from: wintermute000 on July 16, 2015, 10:05:02 PM
a few years ago Kiwi Cattools was popular in mid-market if you want windows/GUI

I've used this in my last 2 roles, good product and dirt cheap :)
Title: Re: config manager that will do alerts?
Post by: routerdork on July 17, 2015, 10:35:11 AM
Cacti has a config comparison plugin but I'm not sure anything exists to alert on changes. Currently we use Solarwinds for this due to the company wanting us to use it for everything. I would much rather use something else though.
Title: Re: config manager that will do alerts?
Post by: Otanx on July 19, 2015, 06:40:40 PM
Had a demo from these guys the other day. The interface looks kind of cool if you want a GUI. Does more than just Cisco. Pricing didn't seem too bad to me, but I don't know what your budget is.

https://www.scriptrock.com/product

-Otanx
Title: Re: config manager that will do alerts?
Post by: dlots on July 20, 2015, 12:49:28 PM
Anyone know any that are DOD approved?
Title: Re: config manager that will do alerts?
Post by: warren.sullivan.526 on August 07, 2015, 08:33:20 AM
What DOD? US?


Sent from my iPhone using Tapatalk
Title: Re: config manager that will do alerts?
Post by: deanwebb on August 07, 2015, 09:05:04 AM
Quote from: warren.sullivan.526 on August 07, 2015, 08:33:20 AM
What DOD? US?


Sent from my iPhone using Tapatalk

In this case, yes.
Title: Re: config manager that will do alerts?
Post by: icecream-guy on August 07, 2015, 10:03:50 AM
Quote from: deanwebb on August 07, 2015, 09:05:04 AM
Quote from: warren.sullivan.526 on August 07, 2015, 08:33:20 AM
What DOD? US?


Sent from my iPhone using Tapatalk

In this case, yes.

this would require support for two-factor authentication.
Title: Re: config manager that will do alerts?
Post by: Otanx on August 07, 2015, 10:49:17 AM
Are you guys not doing the new RMF (Risk Management Framework) stuff yet, or just nobody willing to accept risk in your AO? If you are not familiar with it basically RMF says you don't need to meet every single requirement, but you need to identify what you can't meet, identify mitigation, and residual risk, and then get it signed off by someone in the cyber group depending on the level of risk left. So for something like RANCID you can't do two factor, but you mitigate the risk by limiting logins for that account only to the RANCID server, limiting commands it can run to only what is required, and finally by using a complex password 32 characters long with a 8/8/8/8 mix of upper/lower/numbers/symbols that is changed every X days. Then someone in the chain gets to sign off that the operational gains outweigh the risk.

-Otanx
Title: Re: config manager that will do alerts?
Post by: NetworkGroover on August 07, 2015, 11:44:42 AM
Quote from: Otanx on August 07, 2015, 10:49:17 AM
Are you guys not doing the new RMF (Risk Management Framework) stuff yet, or just nobody willing to accept risk in your AO? If you are not familiar with it basically RMF says you don't need to meet every single requirement, but you need to identify what you can't meet, identify mitigation, and residual risk, and then get it signed off by someone in the cyber group depending on the level of risk left. So for something like RANCID you can't do two factor, but you mitigate the risk by limiting logins for that account only to the RANCID server, limiting commands it can run to only what is required, and finally by using a complex password 32 characters long with a 8/8/8/8 mix of upper/lower/numbers/symbols that is changed every X days. Then someone in the chain gets to sign off that the operational gains outweigh the risk.

-Otanx

This is interesting insight - thanks for sharing.  I left my former company before they made (or started making) the transition to RMF.  Unfortunately there's nothing of any use I can offer here, sorry.
Title: Re: config manager that will do alerts?
Post by: warren.sullivan.526 on August 07, 2015, 05:21:33 PM

Quote from: Otanx on August 07, 2015, 10:49:17 AM
Are you guys not doing the new RMF (Risk Management Framework) stuff yet, or just nobody willing to accept risk in your AO? If you are not familiar with it basically RMF says you don't need to meet every single requirement, but you need to identify what you can't meet, identify mitigation, and residual risk, and then get it signed off by someone in the cyber group depending on the level of risk left. So for something like RANCID you can't do two factor, but you mitigate the risk by limiting logins for that account only to the RANCID server, limiting commands it can run to only what is required, and finally by using a complex password 32 characters long with a 8/8/8/8 mix of upper/lower/numbers/symbols that is changed every X days. Then someone in the chain gets to sign off that the operational gains outweigh the risk.

-Otanx

Great post!


Sent from my iPhone using Tapatalk
Text only | Text with Images