11-10-2008 02:15 PM - edited 03-11-2019 07:11 AM
Is there a cheap(or free) solution/software out there that can keep track of the firewall fule changes people make to the ASA/PIX? I want to know what changes have been made, who made the change and what time it happened. I believe the Cisco Security Manager can do that. Are there any other solutions out there?
11-11-2008 05:00 AM
Hello Gary,
I think this is possible only using accounting. Free Radius may handle this
http://freeradius.org/features.html.
Regards
11-11-2008 05:32 AM
That can be easily done with either Cisco
Secure ACS (cost money) or freeware tacacs
(FREE)
There is a vendor out there called Firemon.
It can keep track of changes on the firewall
and compared the differences. It works quite
well on Checkpoint firewalls, Nokia appliances
and Cisco IOS routers. I have not tried it
with ASA. This is a comercial software so it
costs money. The alternative is to use RANCID
which can do the same thing.
my 2c.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide