
PIX auditing tool

justin.jocewicz
Level 1

Does anyone know of a good PIX auditing tool? I did a search and found the one by Algosec (still pending) and tried a RAT that had PIX functionality built in with no luck. I set up VMS 2.3 with the MC 1.3.6 and maybe I'm lost but I saw no auditing capabilities there. Anybody have any suggestions? I mean, besides the look over your config and actually know what you're looking at.

Thanks. Take care and God bless.


vkapoor5
Level 5

Cisco Secure Policy Manager 3.1 (CSPM) is a component of the CiscoWorks VPN/Security Management Solution (VMS). It provides policy-based security management for Cisco PIX Firewalls and IP Security (IPSec) virtual private network (VPN) routers. CSPM is used to define, distribute, enforce, and audit network-wide security policies from a central location. Cisco Secure Policy Manager also provides system auditing, including real-time alarm notification and web-based reporting.

http://www.cisco.com/en/US/products/sw/secursw/ps2133/products_data_sheet09186a0080092280.html

Thanks. So here is the problem. The "audit" part is done by retrieving logs, monitors, and reports security policy events.

I am looking for a tool that you put your config into and it would look for problems based upon best security practices. I.e. line 1 permit ip any any and then line 2 permit tcp host x. eq www or whatever being more specific. Or going through the VPN section and saying VPN # x is using policy DES MD5 with no PFS, it's recommended to do x. You see what I'm saying?

Thanks. Take care and God bless.
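
A minimal sketch of the kind of static check described in the post above, added here as an example and not code from the thread or from any of the tools named in it. It assumes PIX 6.x-style `access-list`, `isakmp policy` and `crypto map` lines; the sample configuration and the function name `audit_pix_config` are constructed for illustration.

```python
# Added example: static checks over a PIX-style config (assumes PIX 6.x syntax).
# SAMPLE_CONFIG is constructed for illustration; addresses are documentation ranges.
SAMPLE_CONFIG = """\
access-list outside_in permit ip any any
access-list outside_in permit tcp any host 192.0.2.10 eq www
access-list dmz_in permit tcp any host 192.0.2.20 eq smtp
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
crypto map vpnmap 10 set peer 198.51.100.1
crypto map vpnmap 20 set peer 198.51.100.2
crypto map vpnmap 20 set pfs group2
"""


def audit_pix_config(text):
    """Return (line_no, code, message) findings for a PIX-style config."""
    findings = []
    open_acl = {}   # ACL name -> line number of its "permit ip any any"
    map_seqs = {}   # (map name, seq) -> [first line seen, PFS configured?]
    for n, line in enumerate(text.splitlines(), 1):
        tok = line.split()
        if tok[:1] == ["access-list"] and len(tok) > 3 and tok[2] in ("permit", "deny"):
            name = tok[1]
            if name in open_acl:
                # ACLs are first-match: nothing after a permit-all is ever reached.
                findings.append((n, "shadowed",
                                 f"unreachable, line {open_acl[name]} permits ip any any"))
            elif tok[2:] == ["permit", "ip", "any", "any"]:
                open_acl[name] = n
                findings.append((n, "permit-any", f"ACL {name} permits all IP traffic"))
        elif tok[:2] == ["isakmp", "policy"] and len(tok) >= 5:
            if tok[3:5] == ["encryption", "des"]:
                findings.append((n, "weak-encryption", f"IKE policy {tok[2]} uses DES"))
            elif tok[3:5] == ["hash", "md5"]:
                findings.append((n, "weak-hash", f"IKE policy {tok[2]} uses MD5"))
        elif tok[:2] == ["crypto", "map"] and tok[4:5] == ["set"]:
            entry = map_seqs.setdefault((tok[2], tok[3]), [n, False])
            if tok[5:6] == ["pfs"]:
                entry[1] = True
    for (name, seq), (n, has_pfs) in map_seqs.items():
        if not has_pfs:
            findings.append((n, "no-pfs", f"crypto map {name} {seq} has no 'set pfs'"))
    return findings


if __name__ == "__main__":
    for n, code, msg in audit_pix_config(SAMPLE_CONFIG):
        print(f"line {n}: [{code}] {msg}")
```
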

How about "Output Interpreter"?

https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl

Does this help?

Regards,

Arul

Hi Justin,

Try using Nipper, it's awesome. Nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. Nipper currently supports Cisco IOS, PIX, ASA, FWSM, NMP, CatOS and Juniper NetScreen devices.

You can download it from -

http://sourceforge.net/projects/nipper

You can go through the quick start guide to know about its usage. Let me know if it helps.

Please rate this post.

cheers

sachin verma

Thanks Sachin. I had downloaded this, but hadn't tried it out. I'm trying the algosec tool out also since they support Checkpoint platforms too. We'll see. Nipper does a really good job of giving the quick and dirty in a few nice formats. Thanks again. Take care and God bless.

husycisco
Level 7

Surprised that no one spelled Manage Engine Firewall Analyzer.

http://manageengine.adventnet.com/products/firewall/
