config manager that will do alerts?

Started by dlots, July 16, 2015, 06:05:33 PM

Previous topic - Next topic

dlots

I am looking for a config manager that will compare the configs and alert me if there are changes made,  I know Cisco Works and Solarwinds can do this, I was just hoping for something cheaper.  Rconfig looks really cool but doesn't look like it does the compare or alert thing.

dlots


Otanx

RANCID does it very well, free, and is easy to setup (if you are comfortable with Linux).

-Otanx

wintermute000

a few years ago Kiwi Cattools was popular in mid-market if you want windows/GUI
rancid FTW

DanC

Quote from: wintermute000 on July 16, 2015, 10:05:02 PM
a few years ago Kiwi Cattools was popular in mid-market if you want windows/GUI

I've used this in my last 2 roles, good product and dirt cheap :)

routerdork

Cacti has a config comparison plugin but I'm not sure anything exists to alert on changes. Currently we use Solarwinds for this due to the company wanting us to use it for everything. I would much rather use something else though.
"The thing about quotes on the internet is that you cannot confirm their validity." -Abraham Lincoln

Otanx

Had a demo from these guys the other day. The interface looks kind of cool if you want a GUI. Does more than just Cisco. Pricing didn't seem too bad to me, but I don't know what your budget is.

https://www.scriptrock.com/product

-Otanx

dlots

Anyone know any that are DOD approved?

warren.sullivan.526

What DOD? US?


Sent from my iPhone using Tapatalk

deanwebb

Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

icecream-guy

Quote from: deanwebb on August 07, 2015, 09:05:04 AM
Quote from: warren.sullivan.526 on August 07, 2015, 08:33:20 AM
What DOD? US?


Sent from my iPhone using Tapatalk

In this case, yes.

this would require support for two-factor authentication.
:professorcat:

My Moral Fibers have been cut.

Otanx

Are you guys not doing the new RMF (Risk Management Framework) stuff yet, or just nobody willing to accept risk in your AO? If you are not familiar with it basically RMF says you don't need to meet every single requirement, but you need to identify what you can't meet, identify mitigation, and residual risk, and then get it signed off by someone in the cyber group depending on the level of risk left. So for something like RANCID you can't do two factor, but you mitigate the risk by limiting logins for that account only to the RANCID server, limiting commands it can run to only what is required, and finally by using a complex password 32 characters long with a 8/8/8/8 mix of upper/lower/numbers/symbols that is changed every X days. Then someone in the chain gets to sign off that the operational gains outweigh the risk.

-Otanx

NetworkGroover

Quote from: Otanx on August 07, 2015, 10:49:17 AM
Are you guys not doing the new RMF (Risk Management Framework) stuff yet, or just nobody willing to accept risk in your AO? If you are not familiar with it basically RMF says you don't need to meet every single requirement, but you need to identify what you can't meet, identify mitigation, and residual risk, and then get it signed off by someone in the cyber group depending on the level of risk left. So for something like RANCID you can't do two factor, but you mitigate the risk by limiting logins for that account only to the RANCID server, limiting commands it can run to only what is required, and finally by using a complex password 32 characters long with a 8/8/8/8 mix of upper/lower/numbers/symbols that is changed every X days. Then someone in the chain gets to sign off that the operational gains outweigh the risk.

-Otanx

This is interesting insight - thanks for sharing.  I left my former company before they made (or started making) the transition to RMF.  Unfortunately there's nothing of any use I can offer here, sorry.
Engineer by day, DJ by night, family first always

warren.sullivan.526


Quote from: Otanx on August 07, 2015, 10:49:17 AM
Are you guys not doing the new RMF (Risk Management Framework) stuff yet, or just nobody willing to accept risk in your AO? If you are not familiar with it basically RMF says you don't need to meet every single requirement, but you need to identify what you can't meet, identify mitigation, and residual risk, and then get it signed off by someone in the cyber group depending on the level of risk left. So for something like RANCID you can't do two factor, but you mitigate the risk by limiting logins for that account only to the RANCID server, limiting commands it can run to only what is required, and finally by using a complex password 32 characters long with a 8/8/8/8 mix of upper/lower/numbers/symbols that is changed every X days. Then someone in the chain gets to sign off that the operational gains outweigh the risk.

-Otanx

Great post!


Sent from my iPhone using Tapatalk