PIX auditing tool

Unanswered Question
Nov 20th, 2007

Does anyone know of a good PIX auditing tool? I did a search and found the one by Algosec (still pending) and tried a RAT that had PIX functionality built in with no luck. I set up VMS 2.3 with the MC 1.3.6 and maybe I'm lost but I saw no auditing capabilities there. Anybody have any suggestions? I mean, besides the look over your config and actually know what you're looking at.

Thanks. Take care and God bless.

vkapoor5 Mon, 11/26/2007 - 15:19

Cisco Secure Policy Manager 3.1 (CSPM) is a component of the CiscoWorks VPN/Security Management Solution (VMS). It provides policy-based security management for Cisco PIX Firewalls and IP Security (IPSec) virtual private network (VPN) routers. CSPM is used to define, distribute, enforce, and audit network-wide security policies from a central location. Cisco Secure Policy Manager also provides system auditing, including real-time alarm notification and web-based reporting.

http://www.cisco.com/en/US/products/sw/secursw/ps2133/products_data_sheet09186a0080092280.html

justin.jocewicz Mon, 11/26/2007 - 15:35

Thanks. So here is the problem. The "audit" part is done by retrieving logs, monitors, and reports security policy events.

I am looking for a tool that you put your config into and it would look for problems based upon best security practices. I.e. line 1 permit ip any any and then line 2 permit tcp host x. eq www or whatever being more specific. Or going through the VPN section and saying VPN # x is using policy DES MD5 with no PFS, it's recommended to do x. You see what I'm saying?

Thanks. Take care and God bless.
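The kind of offline check described in the post above, as an added example that is not from any poster in this thread and is not code from Nipper or AlgoSec: it flags entries that can never match because they follow `permit ip any any` in the same ACL, crypto map entries that use DES or MD5 transforms, and entries with no `set pfs`. It assumes PIX 6.x flat command syntax; the function name, finding codes and sample configuration are constructed for illustration.

```python
# Constructed sample in PIX 6.x flat syntax; addresses are documentation ranges.
SAMPLE_CONFIG = """\
access-list outside_in permit ip any any
access-list outside_in permit tcp any host 192.0.2.10 eq www
access-list dmz_in permit tcp any host 192.0.2.20 eq smtp
crypto ipsec transform-set WEAK esp-des esp-md5-hmac
crypto ipsec transform-set STRONG esp-aes-256 esp-sha-hmac
crypto map VPN 10 set peer 198.51.100.1
crypto map VPN 10 set transform-set WEAK
crypto map VPN 20 set peer 198.51.100.2
crypto map VPN 20 set transform-set STRONG
crypto map VPN 20 set pfs group2
isakmp policy 10 encryption des
isakmp policy 10 hash md5
"""
WEAK_TRANSFORMS = {"esp-des", "esp-md5-hmac", "ah-md5-hmac"}

def audit(config):
    """Return sorted (line_no, code, detail) findings; codes are hypothetical."""
    findings, open_acl, weak_sets, vpn = [], {}, {}, {}
    for n, line in enumerate(config.splitlines(), 1):
        w = line.split()
        if w[:1] == ["access-list"] and len(w) > 3 and w[2] in ("permit", "deny"):
            if w[1] in open_acl:  # first match wins, so this entry never fires
                findings.append((n, "ACL_SHADOWED", f"{w[1]}: unreachable after line {open_acl[w[1]]}"))
            elif w[2:] == ["permit", "ip", "any", "any"]:
                open_acl[w[1]] = n
                findings.append((n, "ACL_PERMIT_ANY", f"{w[1]}: permit ip any any"))
        elif w[:3] == ["crypto", "ipsec", "transform-set"] and len(w) > 4:
            weak_sets[w[3]] = sorted(WEAK_TRANSFORMS & set(w[4:]))
        elif w[:2] == ["crypto", "map"] and w[4:5] == ["set"] and len(w) > 5:
            entry = vpn.setdefault((w[2], w[3]), {"line": n, "set": None, "pfs": False})
            if w[5] == "transform-set" and len(w) > 6:
                entry["set"] = w[6]
            elif w[5] == "pfs":
                entry["pfs"] = True
        elif w[:2] == ["isakmp", "policy"] and w[3:] in (["encryption", "des"], ["hash", "md5"]):
            findings.append((n, "WEAK_ISAKMP", f"policy {w[2]}: {w[3]} {w[4]}"))
    for (name, seq), e in vpn.items():  # second pass: sets may be defined after use
        if weak_sets.get(e["set"]):
            findings.append((e["line"], "WEAK_TRANSFORM", f"{name} {seq}: {' '.join(weak_sets[e['set']])}"))
        if not e["pfs"]:
            findings.append((e["line"], "NO_PFS", f"{name} {seq}: no 'set pfs'"))
    return sorted(findings)

if __name__ == "__main__":
    for line_no, code, detail in audit(SAMPLE_CONFIG):
        print(f"line {line_no}: {code}: {detail}")
```

Crypto map findings are reported at the line where the map entry first appears, since the weakness is a property of the whole entry rather than of one command.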

sachin.verma Mon, 11/26/2007 - 22:33

Hi Justin,

Try using Nipper, it's awesome. Nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. Nipper currently supports Cisco IOS, PIX, ASA, FWSM, NMP, CatOS and Juniper NetScreen devices.

You can download it from -

http://sourceforge.net/projects/nipper

You can go through the quick start guide to know about its usage. Let me know if it helps.

Please rate this post.

cheers

sachin verma

justin.jocewicz Wed, 11/28/2007 - 10:23

Thanks Sachin. I had downloaded this, but hadn't tried it out. I'm trying the algosec tool out also since they support Checkpoint platforms too. We'll see. Nipper does a really good job of giving the quick and dirty in a few nice formats. Thanks again. Take care and God bless.
