Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Firewall Wizards: Re: Cisco Security Manager clone?

Re: Cisco Security Manager clone?

From: Glenn Crissman <gwcrissman_at_gmail.com>
Date: Fri, 2 May 2008 00:34:29 -0400

Check out Kiwi Cat Tools. I've used it for a while now and found it to be
quite helpful in a situation like yours. I manage a network with 67 ASA 5505
firewalls in remote offices connected back to a central ASA 5520 via IPSec
VPN. Kiwi works very well to push mass changes to these devices in minutes,
and has a nice handy feature in that you can schedule it to automatically
back up your configs to your management server for safe keeping. Kiwi is by
no means a replacement for CSM but it does a pretty good job.

It will interface to the devices via Telnet, SSH, etc. I personally
interface to my devices via SSH but your mileage and requirements may vary.
It also supports a wide variety of other Cisco devices - switches, routers,
etc. Licensing is by device count.

If I recall correctly you can download an eval copy of it and it will manage
a small set of devices fully functional so you can try it out and see if it
works for what you need.

Hope this helps. Good luck!

On Wed, Apr 30, 2008 at 11:01 AM, Mike Davis <mdavis_at_gsp.net> wrote:

> This is my first posting so be gentle ;-)
>
>
>
> I have an environment that is all Cisco based firewalls for my edge
> protection and site to site vpns. I have a little over 100 remote sites
> running on ASA 5505's with an AES Tunnel to both the primary (HQ) and
> secondary (DR ) sites. It is working quite nicely and has been for years
> now but the problem I have is this… all my remote site firewalls are not
> centrally managed in the sense that I can make one change in a console and
> push it globally to all my remote firewalls so that when a change is
> required, I have to log into each and every one (I use SSH) and make the
> changes.
>
> I know that Cisco Security Manager will allow me to do that but at the
> 100K pricetag I was quoted from Cisco with the blink of an eye… I just
> cannot put that into my budget.
>
>
>
> Does anyone know of or can recommend any freeware or low-cost-ware
> application that will allow me to monitor and make global config changes
> without having to SSH to each one? The ability to segregate into groups and
> manage based upon groups would certainly be a plus as well but not a
> requirement.
>
>
>
> Thanks in advance!
>
>
>
> *Mike Davis*
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on May 02 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]