11-20-2007 06:04 PM - edited 03-11-2019 04:33 AM
Does anyone know of a good PIX auditing tool? I did a search and found the one by Algosec (still pending) and tried a RAT that had PIX functionality built in with no luck. I set up VMS 2.3 with the MC 1.3.6 and maybe I'm lost but I saw no auditing capabilities there. Anybody have any suggestions? I mean, besides the look over your config and actually know what you're looking at.
Thanks. Take care and God bless.
11-26-2007 03:19 PM
Cisco Secure Policy Manager 3.1 (CSPM) is a component of the CiscoWorks VPN/Security Management Solution (VMS). It provides policy-based security management for Cisco PIX Firewalls and IP Security (IPSec) virtual private network (VPN) routers. CSPM is used to define, distribute, enforce, and audit network-wide security policies from a central location. Cisco Secure Policy Manager also provides system auditing, including real-time alarm notification and web-based reporting.
http://www.cisco.com/en/US/products/sw/secursw/ps2133/products_data_sheet09186a0080092280.html
11-26-2007 03:35 PM
Thanks. So here is the problem. The "audit" part is done by retrieving logs, monitors, and reports security policy events.
I am looking for a tool that you put your config into and it would look for problems based upon best security practices. I.e. line 1 permit ip any any and then line 2 permit tcp host x. eq www or whatever being more specific. Or going through the VPN section and saying VPN # x is using policy DES MD5 with no PFS, it's recommended to do x. You see what I'm saying?
Thanks. Take care and God bless.
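The kind of check described in the post above, as an added example that is not part of the original thread and is not the code of Nipper, AlgoSec or any Cisco tool: a minimal Python pass over PIX 6.x-style configuration lines that flags rules shadowed by an earlier `permit ip any any`, DES/MD5 in ISAKMP policies and transform sets, and crypto map entries without PFS. The sample configuration, its names and its addresses are constructed for illustration.

```python
# Added example: minimal PIX 6.x-style config audit. Sample config is constructed.
SAMPLE_CONFIG = """\
access-list outside_in permit ip any any
access-list outside_in permit tcp any host 192.0.2.10 eq www
access-list dmz_in permit tcp any host 192.0.2.20 eq smtp
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
crypto ipsec transform-set WEAKSET esp-des esp-md5-hmac
crypto map VPNMAP 10 set transform-set WEAKSET
crypto map VPNMAP 20 set transform-set STRONGSET
crypto map VPNMAP 20 set pfs group2
"""

WEAK_TRANSFORMS = {"esp-des", "esp-md5-hmac", "ah-md5-hmac"}

def audit_pix_config(text):
    """Return (line_number, finding) tuples in file order, PFS findings last."""
    findings = []
    permit_all = {}   # ACL name -> line of its first 'permit ip any any'
    map_entries = {}  # (map name, seq) -> [first line seen, has_pfs]
    for no, line in enumerate(text.splitlines(), 1):
        tok = line.split()
        if tok[:1] == ["access-list"] and len(tok) >= 4 and tok[2] in ("permit", "deny"):
            acl = tok[1]
            if acl in permit_all:  # ACLs are first-match, so this rule never fires
                findings.append((no, f"ACL {acl}: shadowed by 'permit ip any any' on line {permit_all[acl]}"))
            elif tok[2:] == ["permit", "ip", "any", "any"]:
                permit_all[acl] = no
                findings.append((no, f"ACL {acl}: 'permit ip any any' allows all traffic"))
        elif tok[:2] == ["isakmp", "policy"] and tok[3:] in (["encryption", "des"], ["hash", "md5"]):
            findings.append((no, f"ISAKMP policy {tok[2]}: weak {tok[3]} {tok[4]}"))
        elif tok[:3] == ["crypto", "ipsec", "transform-set"]:
            weak = sorted(WEAK_TRANSFORMS.intersection(tok[4:]))
            if weak:
                findings.append((no, f"transform-set {tok[3]}: weak {', '.join(weak)}"))
        elif tok[:2] == ["crypto", "map"] and tok[4:5] == ["set"]:
            entry = map_entries.setdefault((tok[2], tok[3]), [no, False])
            entry[1] = entry[1] or tok[5:6] == ["pfs"]
    for (name, seq), (no, has_pfs) in map_entries.items():
        if not has_pfs:
            findings.append((no, f"crypto map {name} {seq}: no PFS set"))
    return findings

if __name__ == "__main__":
    for no, finding in audit_pix_config(SAMPLE_CONFIG):
        print(f"line {no}: {finding}")
```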
11-26-2007 07:09 PM
How about "Output Interpreter"?
https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl
Does this help?
Regards,
Arul
11-26-2007 10:33 PM
Hi Justin,
Try using Nipper, it's awesome. Nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. Nipper currently supports Cisco IOS, PIX, ASA, FWSM, NMP, CatOS and Juniper NetScreen devices.
You can download it from -
http://sourceforge.net/projects/nipper
You can go through the quick start guide to know about its usage. Let me know if it helps.
Please rate this post.
cheers
sachin verma
11-28-2007 10:23 AM
Thanks Sachin. I had downloaded this, but hadn't tried it out. I'm trying the algosec tool out also since they support Checkpoint platforms too. We'll see. Nipper does a really good job of giving the quick and dirty in a few nice formats. Thanks again. Take care and God bless.
11-28-2007 11:20 AM
Surprised that no one spelled ManageEngine Firewall Analyzer.