11-20-2007 06:04 PM - edited 03-11-2019 04:33 AM
Does anyone know of a good PIX auditing tool? I did a search and found the one by Algosec (still pending) and tried a RAT that had PIX functionality built in with no luck. I set up VMS 2.3 with the MC 1.3.6 and maybe I'm lost but I saw no auditing capabilities there. Anybody have any suggestions? I mean, besides the look over your config and actually know what you're looking at.
Thanks. Take care and God bless.
11-26-2007 03:19 PM
Cisco Secure Policy Manager 3.1 (CSPM) is a component of the CiscoWorks VPN/Security Management Solution (VMS). It provides policy-based security management for Cisco PIX Firewalls and IP Security (IPSec) virtual private network (VPN) routers. CSPM is used to define, distribute, enforce, and audit network-wide security policies from a central location. Cisco Secure Policy Manager also provides system auditing, including real-time alarm notification and web-based reporting.
http://www.cisco.com/en/US/products/sw/secursw/ps2133/products_data_sheet09186a0080092280.html
11-26-2007 03:35 PM
Thanks. So here is the problem. The "audit" part is done by retrieving logs, monitors, and reports security policy events.
I am looking for a tool that you put your config into and it would look for problems based upon best security practices. I.e. line 1 permit ip any any and then line 2 permit tcp host x. eq www or whatever being more specific. Or going through the VPN section and saying VPN # x is using policy DES MD5 with no PFS, it's recommended to do x. You see what I'm saying?
Thanks. Take care and God bless.
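An added illustration of the kind of static config check described in the post above (not code from the thread or from any tool named in it): it flags ACL entries that follow a `permit ip any any` in the same list, ISAKMP policies using DES or MD5, and crypto map entries with no `set pfs`. The sample config is constructed, written in PIX 6.x command syntax, and `audit` is a hypothetical helper name.

```python
import re

# Constructed sample in PIX 6.x command syntax (not taken from the thread).
SAMPLE_CONFIG = """\
access-list outside_in permit ip any any
access-list outside_in permit tcp any host 192.0.2.10 eq www
access-list dmz_in permit tcp any host 192.0.2.20 eq smtp
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
crypto map vpnmap 10 set peer 198.51.100.1
crypto map vpnmap 20 set peer 198.51.100.2
crypto map vpnmap 20 set pfs group2
"""

def audit(config):
    """Hypothetical helper: return (line_no, message) findings; line 0 = whole-config finding."""
    findings = []
    wide_open = {}   # ACL name -> line number of its 'permit ip any any'
    has_pfs = {}     # (crypto map name, sequence) -> True once 'set pfs' is seen
    for n, line in enumerate(config.splitlines(), 1):
        line = line.strip()
        m = re.match(r"access-list (\S+) (permit|deny) (.+)", line)
        if m:
            acl, action, rest = m.groups()
            if acl in wide_open:
                # ACLs are first-match, so nothing after the catch-all is ever evaluated.
                findings.append((n, f"{acl}: shadowed by 'permit ip any any' on line {wide_open[acl]}"))
            elif action == "permit" and rest.split() == ["ip", "any", "any"]:
                wide_open[acl] = n
                findings.append((n, f"{acl}: permits all IP traffic"))
            continue
        m = re.match(r"isakmp policy (\d+) (encryption|hash) (des|md5)$", line)
        if m:
            findings.append((n, f"isakmp policy {m.group(1)}: weak {m.group(2)} {m.group(3)}"))
            continue
        m = re.match(r"crypto map (\S+) (\d+) set (\S+)", line)
        if m:
            key = (m.group(1), int(m.group(2)))
            has_pfs[key] = has_pfs.get(key, False) or m.group(3) == "pfs"
    for (name, seq), pfs in sorted(has_pfs.items()):
        if not pfs:
            findings.append((0, f"crypto map {name} {seq}: no PFS configured"))
    return findings

if __name__ == "__main__":
    for line_no, message in audit(SAMPLE_CONFIG):
        print(f"line {line_no}: {message}")
```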
11-26-2007 07:09 PM
How about "Output Interpreter"?
https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl
Does this help?
Regards,
Arul
11-26-2007 10:33 PM
Hi Justin,
Try using Nipper, it's awesome. Nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. Nipper currently supports Cisco IOS, PIX, ASA, FWSM, NMP, CatOS and Juniper NetScreen devices.
You can download it from -
http://sourceforge.net/projects/nipper
You can go through the quick start guide to know about its usage. Let me know if it helps.
Please rate this post.
cheers
sachin verma
11-28-2007 10:23 AM
Thanks Sachin. I had downloaded this, but hadn't tried it out. I'm trying the algosec tool out also since they support Checkpoint platforms too. We'll see. Nipper does a really good job of giving the quick and dirty in a few nice formats. Thanks again. Take care and God bless.
11-28-2007 11:20 AM
Surprised that no one spelled Manage Engine Firewall Analyzer.