Does anyone know of a good PIX auditing tool? I did a search and found the one by Algosec (still pending) and tried a RAT that had PIX functionality built in with no luck. I set up VMS 2.3 with the MC 1.3.6 and maybe I'm lost but I saw no auditing capabilities there. Anybody have any suggestions? I mean, besides the look over your config and actually know what you're looking at.
Cisco Secure Policy Manager 3.1 (CSPM) is a component of the CiscoWorks VPN/Security Management Solution (VMS). It provides policy-based security management for Cisco PIX Firewalls and IP Security (IPSec) virtual private network (VPN) routers. CSPM is used to define, distribute, enforce, and audit network-wide security policies from a central location. Cisco Secure Policy Manager also provides system auditing, including real-time alarm notification and web-based reporting.
Thanks. So here is the problem. The "audit" part is done by retrieving logs, monitors, and reports security policy events.
I am looking for a tool that you put your config into and it would look for problems based upon best security practices. I.e. line 1 permit ip any any and then line 2 permit tcp host x. eq www or whatever being more specific. Or going through the VPN section and saying VPN # x is using policy DES MD5 with no PFS, it's recommended to do x. You see what I'm saying?
Try using Nipper, it's awesome. Nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. Nipper currently supports Cisco IOS, PIX, ASA, FWSM, NMP, CatOS and Juniper NetScreen devices.
Thanks Sachin. I had downloaded this, but hadn't tried it out. I'm trying the algosec tool out also since they support Checkpoint platforms too. We'll see. Nipper does a really good job of giving the quick and dirty in a few nice formats. Thanks again. Take care and God bless.
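The kind of offline check asked for earlier in the thread (a permit-all ACL entry ahead of more specific ones, DES/MD5 in the VPN settings, no PFS), as an added Python example that is not part of the thread and not how Nipper or AlgoSec work. The sample config is constructed in PIX 6.x-style syntax, and the `audit` function and its finding strings are hypothetical names chosen for illustration.

```python
# Constructed sample in PIX 6.x-style syntax; not taken from a real device.
SAMPLE_CONFIG = """\
access-list outside_in permit ip any any
access-list outside_in permit tcp any host 192.0.2.10 eq www
access-list dmz_in permit tcp any host 192.0.2.20 eq smtp
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
crypto ipsec transform-set WEAKSET esp-des esp-md5-hmac
crypto map VPNMAP 10 ipsec-isakmp
crypto map VPNMAP 10 set transform-set WEAKSET
crypto map VPNMAP 20 ipsec-isakmp
crypto map VPNMAP 20 set pfs group2
"""

WEAK_IKE = {("encryption", "des"), ("hash", "md5")}
WEAK_ESP = {"esp-des", "esp-md5-hmac"}

def audit(config):
    """Return sorted (line_number, finding) tuples for a PIX-style config."""
    findings, open_acl, map_seen, has_pfs = [], {}, {}, set()
    for n, raw in enumerate(config.splitlines(), 1):
        t = raw.split()
        if t[:1] == ["access-list"] and len(t) > 3 and t[2] != "remark":
            name = t[1]
            rule = [x for x in t[2:] if x != "extended"]
            if name in open_acl:
                # First match wins, so nothing after a permit-all is evaluated.
                findings.append((n, f"unreachable: follows permit ip any any on line {open_acl[name]}"))
            elif rule == ["permit", "ip", "any", "any"]:
                open_acl[name] = n
                findings.append((n, f"ACL {name} permits all IP traffic"))
        elif t[:2] == ["isakmp", "policy"] and tuple(t[3:5]) in WEAK_IKE:
            findings.append((n, f"IKE policy {t[2]} uses weak {t[3]} {t[4]}"))
        elif t[:3] == ["crypto", "ipsec", "transform-set"]:
            weak = [x for x in t[4:] if x in WEAK_ESP]
            if weak:
                findings.append((n, f"transform-set {t[3]} uses {', '.join(weak)}"))
        elif t[:2] == ["crypto", "map"] and len(t) > 3 and t[3].isdigit():
            key = (t[2], t[3])
            map_seen.setdefault(key, n)  # remember where the entry starts
            if t[4:6] == ["set", "pfs"]:
                has_pfs.add(key)
    for (name, seq), n in map_seen.items():
        if (name, seq) not in has_pfs:
            findings.append((n, f"crypto map {name} {seq} has no PFS group set"))
    return sorted(findings)

if __name__ == "__main__":
    for n, msg in audit(SAMPLE_CONFIG):
        print(f"line {n}: {msg}")
```

The ACL check only catches a literal `permit ip any any`; partial overlaps between narrower entries need real address and port comparison.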