[103842] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post
RE: enterprise change/configuration management and compliance software?

daemon@ATHENA.MIT.EDU (Fred Reimer)
Tue Apr 15 11:35:01 2008

Date: Tue, 15 Apr 2008 10:58:25 -0400
In-Reply-To: <6ff30abd0804150634p341910d5s546bedcc22d8a7ff@mail.gmail.com>
From: "Fred Reimer" <freimer@ctiusa.com>
To: "jamie" <j@arpa.com>, "Phil Regnauld" <regnauld@catpipe.net>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu


This is a multipart message in MIME format.

------=_NextPart_000_0087_01C89EE7.A0C13630
Content-Type: multipart/alternative;
	boundary="----=_NextPart_001_0088_01C89EE7.A0C13630"


------=_NextPart_001_0088_01C89EE7.A0C13630
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit

There are tons of products out there.  You could try looking at Cisco
Network Compliance Manager.  It supposedly has built-in compliance rules for
financial institutions (GLB, SOX, etc).  If you want to pay, people will
gladly take your money.

 

Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS

Senior Network Engineer

Coleman Technologies, Inc.

954-298-1697

 

From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
jamie
Sent: Tuesday, April 15, 2008 9:35 AM
To: Phil Regnauld
Cc: nanog@merit.edu
Subject: Re: enterprise change/configuration management and compliance
software?

 

 

On Tue, Apr 15, 2008 at 2:31 AM, Phil Regnauld <regnauld@catpipe.net> wrote:

jamie (j) writes:
> `

> device, and by 'device' i mean router and/or switch) configuration
> management (and (ideally) compliance-auditing_and_assurance) software.
>
>   We currently use Voyence (now EMC) and are looking into other options
for
> various reasons, support being in the top-3 ...

       So I guess using something tried, tested and free like Rancid + ISC's
audit
       scripts are not within scope ?


That was my first thought, but the in the industry I'm currently in
(financial), open sourceware for things like this is a definite [fail].
 


>   So, I pose:  To you operators of multi-hundred-device networks : what do
> you use for such purposes(*) ?

       Rancid :) (+ and now some home developed stuff)


fail
 

 


>   This topic seemed to spark lively debate on efnet,

       The current weather would spark lively debate on most IRC channels.

       Phil



haha.  depends on the day and what other scandals were ao


------=_NextPart_001_0088_01C89EE7.A0C13630
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-reply;
	font-family:"Calibri","sans-serif";
	color:#1F497D;}
.MsoChpDefault
	{mso-style-type:export-only;}
@page Section1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
	{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
 <o:shapelayout v:ext=3D"edit">
  <o:idmap v:ext=3D"edit" data=3D"1" />
 </o:shapelayout></xml><![endif]-->
</head>

<body lang=3DEN-US link=3Dblue vlink=3Dpurple>

<div class=3DSection1>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>There are tons of products out there.&nbsp; You could try =
looking at
Cisco Network Compliance Manager.&nbsp; It supposedly has built-in =
compliance rules
for financial institutions (GLB, SOX, etc).&nbsp; If you want to pay, =
people will
gladly take your money.<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS</span><span
style=3D'color:#1F497D'><o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Senior Network Engineer<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Coleman Technologies, Inc.<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>954-298-1697<o:p></o:p></span></p>

<p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p>&nbsp;</o:p></span></p>

<div style=3D'border:none;border-left:solid blue 1.5pt;padding:0in 0in =
0in 4.0pt'>

<div>

<div style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt =
0in 0in 0in'>

<p class=3DMsoNormal><b><span =
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>=
</b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] <b>On Behalf Of =
</b>jamie<br>
<b>Sent:</b> Tuesday, April 15, 2008 9:35 AM<br>
<b>To:</b> Phil Regnauld<br>
<b>Cc:</b> nanog@merit.edu<br>
<b>Subject:</b> Re: enterprise change/configuration management and =
compliance
software?<o:p></o:p></span></p>

</div>

</div>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

<div>

<p class=3DMsoNormal>On Tue, Apr 15, 2008 at 2:31 AM, Phil Regnauld =
&lt;<a
href=3D"mailto:regnauld@catpipe.net">regnauld@catpipe.net</a>&gt; =
wrote:<o:p></o:p></p>

<p class=3DMsoNormal>jamie (j) writes:<br>
&gt; `<o:p></o:p></p>

<div>

<p class=3DMsoNormal style=3D'margin-bottom:12.0pt'>&gt; device, and by =
'device' i
mean router and/or switch) configuration<br>
&gt; management (and (ideally) compliance-auditing_and_assurance) =
software.<br>
&gt;<br>
&gt; &nbsp; We currently use Voyence (now EMC) and are looking into =
other
options for<br>
&gt; various reasons, support being in the top-3 ...<o:p></o:p></p>

</div>

<p class=3DMsoNormal>&nbsp; &nbsp; &nbsp; &nbsp;So I guess using =
something tried,
tested and free like Rancid + ISC's audit<br>
&nbsp; &nbsp; &nbsp; &nbsp;scripts are not within scope ?<o:p></o:p></p>

<div>

<p class=3DMsoNormal><br>
That was my first thought, but the in the industry I'm currently in
(financial), open sourceware for things like this is a definite =
[fail].<br>
&nbsp;<o:p></o:p></p>

</div>

<blockquote style=3D'border:none;border-left:solid #CCCCCC =
1.0pt;padding:0in 0in 0in 6.0pt;
margin-left:4.8pt;margin-right:0in'>

<div>

<p class=3DMsoNormal style=3D'margin-bottom:12.0pt'><br>
&gt; &nbsp; So, I pose: &nbsp;To you operators of multi-hundred-device =
networks
: what do<br>
&gt; you use for such purposes(*) ?<o:p></o:p></p>

</div>

<p class=3DMsoNormal>&nbsp; &nbsp; &nbsp; &nbsp;Rancid :) (+ and now =
some home
developed stuff)<o:p></o:p></p>

</blockquote>

<div>

<p class=3DMsoNormal><br>
fail<br>
&nbsp;<o:p></o:p></p>

</div>

<blockquote style=3D'border:none;border-left:solid #CCCCCC =
1.0pt;padding:0in 0in 0in 6.0pt;
margin-left:4.8pt;margin-right:0in'>

<p class=3DMsoNormal><o:p>&nbsp;</o:p></p>

<div>

<p class=3DMsoNormal style=3D'margin-bottom:12.0pt'><br>
&gt; &nbsp; This topic seemed to spark lively debate on =
efnet,<o:p></o:p></p>

</div>

<p class=3DMsoNormal>&nbsp; &nbsp; &nbsp; &nbsp;The current weather =
would spark
lively debate on most IRC channels.<br>
<span style=3D'color:#888888'><br>
&nbsp; &nbsp; &nbsp; &nbsp;Phil</span><o:p></o:p></p>

</blockquote>

</div>

<p class=3DMsoNormal><br>
<br clear=3Dall>
haha.&nbsp; depends on the day and what other scandals were =
ao<o:p></o:p></p>

</div>

</div>

</body>

</html>

------=_NextPart_001_0088_01C89EE7.A0C13630--

------=_NextPart_000_0087_01C89EE7.A0C13630
Content-Type: application/x-pkcs7-signature;
	name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII0jCCAlow
ggHDoAMCAQICEE/N8u+Cjf1akAnPH3Rf2m8wDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkEx
JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDEyMjIxMjcyN1oXDTA5MDEyMTIxMjcy
N1owRDEfMB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEhMB8GCSqGSIb3DQEJARYSZnJl
aW1lckBjdGl1c2EuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFAAtjFvwayIA70SOY
SunlDptyQhb1DviV+LHKOcX5MadLk2NANpODodUvSUb2AgwAqOkCv7cEEMVTAtYaupWbqtyTSTC8
/T8+mmKwBFgci1PmQrkfE30vneHVuylH2n/lKE4vbLXDFKpcIvqSE8SkgAxQFF2+npog2Uxase9t
6QIDAQABoy8wLTAdBgNVHREEFjAUgRJmcmVpbWVyQGN0aXVzYS5jb20wDAYDVR0TAQH/BAIwADAN
BgkqhkiG9w0BAQUFAAOBgQAHcmBSgreS/FopWMmY+jGgR8IMk07AxNIyvszC1+EqT5GN8CB+BOrr
ePcfIajM/1s/jVJhl7GN/wbKx39vcRFLdTMWfYwRWXJfJFk9C7NBp5QmpUaVxi/q0BFTC9l25BnB
13sv24vIsjSCGif979xFZpwEdP+UZ4U9xfqG+Ps32jCCAy0wggKWoAMCAQICAQAwDQYJKoZIhvcN
AQEEBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNh
cGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBD
QTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05NjAxMDEw
MDAwMDBaFw0yMDEyMzEyMzU5NTlaMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD
YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYD
VQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVy
c29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0
ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANRp19SwlGRbcelH2AxRtupykbCEXn0t
DY97Et+FJXUodDpCLGMnn5V7S+9+GYcdhuqj3bnOlmQawhRuRKx85o/oTQ9xH0A4pgCjh3j2+ZSG
Xq3qwF5269kUo11uenwMpUtVfwYZKX+emibVars4JAhqmMex2qOYkf152+VaxBy5AgMBAAGjEzAR
MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAx+ySfk749ZalZ2IqpPBNEWDQb41g
WGGsJrtSNVwIzzD7qEqWih9iQiOMFw/0umScF6xHKd+dmF7SbGBxXKKs3Hnj524ARx+1DSjoAp3k
mv0T9KbZfLH43F8jJgmRgHPQFBveQ6mDJfLmnC8Vyv6mq4oHdYsM3VGEa+T40c53ooEwggM/MIIC
qKADAgECAgENMA0GCSqGSIb3DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVy
biBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgw
JgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUg
UGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRo
YXd0ZS5jb20wHhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBiMQswCQYDVQQGEwJaQTEl
MCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBl
cnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSm
PFVzVftOucqZWh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO3cnw
K4Vaqj9xVsuvPAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSFD0gEf6e2
0TxhBEAeZBlyYLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNVHR8EPDA6MDig
NqA0hjJodHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVlbWFpbENBLmNybDAL
BgNVHQ8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDItMTM4MA0G
CSqGSIb3DQEBBQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSdf0whuPg2H6otnzYvwPQc
UCCTcDz9reFhYsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcljd2pnDmOjCBPZV+V2vf3h9bGCE6u
9uo05RAaWzVNd+NWIXiC3CEZNd4ksdMdRv9dX2VPMYIC+DCCAvQCAQEwdjBiMQswCQYDVQQGEwJa
QTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3Rl
IFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEE/N8u+Cjf1akAnPH3Rf2m8wCQYFKw4DAhoF
AKCCAdgwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDgwNDE1MTQ1
ODI1WjAjBgkqhkiG9w0BCQQxFgQUjH0MnuzqLJ5KGPSOu2z8A9vB7lYwZwYJKoZIhvcNAQkPMVow
WDAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYI
KoZIhvcNAwICASgwBwYFKw4DAhowCgYIKoZIhvcNAgUwgYUGCSsGAQQBgjcQBDF4MHYwYjELMAkG
A1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT
I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAhBPzfLvgo39WpAJzx90X9pvMIGH
BgsqhkiG9w0BCRACCzF4oHYwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0
aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5n
IENBAhBPzfLvgo39WpAJzx90X9pvMA0GCSqGSIb3DQEBAQUABIGADsgF20eXuFIGuE+YZsSpOi/J
tdTpN1x0XXrOJrPomdG//BhYsWdUjf1BIgnBjNqgsx8ESpP/ddS2JTeFtoiu2+Kp7GV1P0YuPPtc
T1hRpJ837Rlcl6rcgzye4R/7Z54ziqTWAv9aMSOabzMrATirVtJHZED1SaUtOhQ+u7I/kAkAAAAA
AAA=

------=_NextPart_000_0087_01C89EE7.A0C13630--

home	help	back	first	fref	pref	prev	next	nref	lref	last	post
[103842] in North American Network Operators' Group

RE: enterprise change/configuration management and compliance software?

daemon@ATHENA.MIT.EDU (Fred Reimer)Tue Apr 15 11:35:01 2008

daemon@ATHENA.MIT.EDU (Fred Reimer)
Tue Apr 15 11:35:01 2008
