Does anyone know of a tool that manages ASA/PIX/IOS ACLs? I am looking for a tool that can maintain shared policies and allow for local policies as well. Using the shared policies, I would like to be able to make one change to the policy and have it reflected to all the devices that share that policy.
I have evaluated Cisco Security Manager. I like the way the Access-rule portion functions, but I don't need it to manage any other part of my firewall configs. I have seen a bug where CSM wasn't able to detect port speed of the ASA5505. This bug would have left a large portion of our network down and unreachable for some time. Being able to use CSM to manage only the ACLs of my devices would reduce the chances of a bug bringing down my network and leaving the devices unreachable.
I also evaluated Solsoft Policy Server. This is a very slick approach to managing access on a network, but is a bit pricey. I may revisit this in the future if I am still in need of a solution.
I appreciate any suggestions.