
Automated config check

Guys and Gals,

I'm looking into seeing if such a bit of software exists, but... is there an automated backup and compare piece of software for routers and switches (in fact any device which uses the TFTP protocol to transfer data (we have HP switches as well as Cisco and Nortel)).

I should explain. I need this software to see when a config or whatever has been changed without a change control process being initiated. We have had some issues with changes being made without this happening. I'd like to automate this process of downloading the config file, doing a compare of the last backup file and flagging any changes to Network admin or whoever.

I am considering trying to script such a task, but have no idea how to encrypt a username/password into a script file in order to be secure.

So anyone on either the automatic backup software or a scripting guru, please let me know of any ideas.

Thanks.

Andrew


r.cheung
Level 1

If you had CiscoWorks you could use RME for config checks. Otherwise, I believe Tripwire has come out with a version for routers that does config checks. They may not be automated though.

Thanks for the reply. We do have CiscoWorks, but never used the RME function. Will have a look into Tripwire and the CiscoWorks way of doing things. It would be nice if you could, say, use the scheduled tasks function or a cron-type job to get the script or software to go out and do the check. Once the config file is on a local machine, then I can script whatever to do a compare and flag it.

Any more info on this would be greatly appreciated.

Andrew
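The compare-and-flag step described in the posts above, as an added example that is not part of the original thread: it diffs a freshly fetched config against the last backup after dropping lines that change on their own. The volatile-line patterns, function names and sample configs are assumptions of this example; fetching the config is left to whichever tool is used.

```python
import difflib
import re

# Cisco IOS lines that change without an edit (this example's assumption; extend per vendor).
VOLATILE = [re.compile(p) for p in (
    r"^! Last configuration change at ",
    r"^! NVRAM config last updated at ",
    r"^ntp clock-period \d+",
    r"^Current configuration : \d+ bytes",
)]

def normalize(config_text):
    """Drop volatile lines and trailing whitespace so only real edits remain."""
    lines = (line.rstrip() for line in config_text.splitlines())
    return [l for l in lines if not any(p.match(l) for p in VOLATILE)]

def config_changes(previous, current, name="device"):
    """Unified diff between two snapshots; empty list when nothing changed."""
    return list(difflib.unified_diff(
        normalize(previous), normalize(current),
        fromfile=f"{name} (last backup)", tofile=f"{name} (fetched now)",
        lineterm="", n=1))

def report(previous, current, name="device"):
    """Text to send to the network admin, or None when there is no change."""
    diff = config_changes(previous, current, name)
    if not diff:
        return None
    body = diff[2:]  # skip the two ---/+++ file header lines
    added = sum(l.startswith("+") for l in body)
    removed = sum(l.startswith("-") for l in body)
    return "\n".join(
        [f"Unreviewed config change on {name}: +{added} / -{removed} lines"] + diff)

# Constructed sample snapshots, not taken from a real device.
OLD = """! Last configuration change at 10:01:12 UTC Mon Mar 4 2002
hostname edge-rtr1
ntp clock-period 17179869
line vty 0 4
 access-class 10 in
"""
NEW = """! Last configuration change at 23:47:55 UTC Tue Mar 5 2002
hostname edge-rtr1
ntp clock-period 17179901
snmp-server community EXAMPLE-RW RW
line vty 0 4
"""
if __name__ == "__main__":
    print(report(OLD, NEW, "edge-rtr1"))
```

Run from a scheduled job, a `None` result means the stored backup still matches the device; anything else is a change to reconcile against the change-control record.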

jpelletier
Level 1

Although I don't know of such a product, why not simply change the enable secret (Cisco) passwords? Then only the admin could change the configs.

rmushtaq
Level 8

RME in CW2000 bundle can handle Configuration Management. Look at the docs for more details.

cwu
Level 1

You could use rsh/rcp to download a copy of the config. To use this you have to set up users on the router/switch and explicitly configure the set of user/host pairs the router/switch will accept r-commands from. A nice side effect of having usernames on the router is that you know who has logged in when and did a 'conf t'. (BTW with rcp and rsh the passwords never go over the net in the clear.) It would be nice if ssh were supported. (hint, hint)

Another way of tracking config changes is to just look at the log entries (on a secure syslog server, of course). There is probably also an SNMP OID that tells you when the config was changed last.

awo
Level 1

You can use CW2k for that, but if you only need that functionality please look at:

http://cosi-nms.sourceforge.net/

http://sourceforge.net/project/showfiles.php?group_id=25401&release_id=60367

There is a tool called ciscoconf which fetches the config from routers and switches (and can be added whatever you want) and puts it in an RCS or CVS tree 8-)