[169449] in North American Network Operators' Group
Re: Managing IOS Configuration Snippets
daemon@ATHENA.MIT.EDU (Mark Tinka)
Thu Feb 27 02:46:31 2014
From: Mark Tinka <mark.tinka@seacom.mu>
To: nanog@nanog.org
Date: Thu, 27 Feb 2014 09:45:34 +0200
In-Reply-To: <CAL9jLaZtFmRM+N5za9jO-YSwpTqrSbf4d6LLF1uUG-eD8QaBqw@mail.gmail.com>
Reply-To: mark.tinka@seacom.mu
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--nextPart2358485.GkgCly84lG
Content-Type: Text/Plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
We are evaluating a piece of software called Skybox:
http://www.skyboxsecurity.com/
It's geared to security analytics, but it does allow you to=20
define configurations that are expected on a device, what=20
software version it is running, whether commands that aren't=20
there are, and those that should be there aren't, e.t.c.
It supports all major network equipment vendors, and also=20
allows for simple or complex regular expressions that can be=20
used to search configuration files more easily.
It is an offline system, so all you do is regularly present=20
it with a text file of the device's running configuration,=20
and it will do the necessary checks per the policy you have=20
defined.
Based on the configuration files it has, it can also create=20
a visual model of your network. Not something you'd rely on=20
given you have other tools for that, but kind of cool,=20
nonetheless.
Worth a look, I'd say.
Mark.
--nextPart2358485.GkgCly84lG
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
iQIcBAABAgAGBQJTDu0hAAoJEGcZuYTeKm+GETAP/R9Rc37+SJ6prk4XwZHpK5L4
d7M49MHDCzL6RB0VvQoGwDSz5hldFS1ps/VwK38k6pFAK+0iYeQWV2AtkUhCuBhR
h9THZGzvgwIfDPybOlHvcDveIL9NSbLWJQeFzd/jCQ4wYK5taq3A92Ya3ohUKqyV
+nzi7oYy0GLqUaW9JSHunmoUp5xJhS1QjrVUwk/or34J/B2Ml6orQ7WhwH1QvMvf
o5WpXs3O24rd57Wz3SdVAmosA5qe4iuTyVm+wEiyQ5xRaAKCTwsEobWHEcos6cat
lSrMDHdctQXz0uzF+F0yIZ1N1f2jl+YaFO0HraWctbOJUnK5chRgAE5ABZBO1HDS
Nocxsw2e3kKUhf+Jtig5OAysYcEf7tB8ZUVEmiFCzIB1SH33yYOBjoYXRDvbI7wB
oq5ySHwQUyepZfOuE9999caNA3dDfLbqOTH1xXe+uhs8pzTuoBhM9T6L0q447y34
ryA6V6tyDuR4xo/JA1AIhTzh9DncPjf13qXnvMUY1ie2phfNhtgTEDMiMewldHeQ
u1uZQaM/y6WeQVR6mZg16kHoG4cRXPmkuBCWb0SKseQHf473MxJuvYbAx181/93K
X9jgjd0jZz+ANi7A5ciWP13UbCFT7kmyKlp0H7h+DjHLq0ZNFeRIJ4FxWf5ZYRJA
KgbZDFsMDjZ7e08AVO4o
=0F/I
-----END PGP SIGNATURE-----
--nextPart2358485.GkgCly84lG--
