From: Leigh Harrison (ccileigh@gmail.com)
Date: Mon Dec 11 2006 - 10:06:36 ART
Derby,
You could do most of that via aaa config on the router....
LH
#15331
Darby Weaver wrote:
> If you are located in the US, regardless of your
> feelings, chances are that you need rancid or
> something like it for legal compliance -- between SOX,
> FISMA, and HIPAA, most commercial and government
> entities need lots of monitoring. If you don't think
> you need it now, but you are subject to any kind of
> auditing and haven't been audited yet, do yourself a
> favor and implement it now.
>
> Quite aside from legal issues, tools like rancid are
> great for lots of real-life reasons. They are good
> for:
>
> * detecting surprise changes ("when did that change
> occur? Sure would be nice to have an automated tool
> to tell us when someone makes a change in the middle
> of the night and forgets to send email");
>
> * security monitoring of routers ("where did that
> permissive ACL come from? Sure would be nice if a
> tool could tell us what changes occurred on routers,
> so if anything suspicious happens, we can know
> immediately instead of when it ends up in the media");
>
> * exercising router flashes ("Whoops, the flash went
> bad but the device continued to function in-memory, so
> nobody noticed until a power outage. Sure would be
> nice if we had a tool that periodically logged in to
> devices and ran a bunch of commands that demonstrate
> that it is working well");
>
> * backing up configs ("Our last manual backup of the
> router config was 5 years ago; we've upgraded it
> twice, and added lots of ACLs since then. Wouldn't an
> automated way to get config backups make sense?")
>
>
> --- Darby Weaver <darbyweaver@yahoo.com> wrote:
>
>
>> Actually,
>>
>> I was thinking more of SolarWind's Cirrus product.
>>
>> And I was talking about Rancid and its usage of CVS
>> (Common Versioning System) to email configs of one's
>> network's devices to report change.
>>
>> I was thinking in terms of using these tools in
>> conjuntion with Cisco ACS for instance in the sense
>> of
>> Change Management and accountability.
>>
>>
>>
>> --- Brad Ellis <brad@ccbootcamp.com> wrote:
>>
>>
>>> I fly a Cirrus SR-22...does that count???
>>>
>>> (actually, the darn thing almost ran me over
>>> yesterday...was pulling it out
>>> of the hanger down a steep downslope and the
>>> co-pilot side brakes
>>> failed...not a fun day)
>>>
>>> -b
>>> ----- Original Message -----
>>> From: "Darby Weaver" <darbyweaver@yahoo.com>
>>> To: "Cisco certification" <ccielab@groupstudy.com>
>>> Sent: Sunday, December 10, 2006 9:19 PM
>>> Subject: Rancid anyone?
>>>
>>>
>>>
>>>> Anyone using Rancid?
>>>>
>>>> Or are most using CatTools? CiscoWorks? or
>>>>
>> Cirrus?
>>
>>>>
> _______________________________________________________________________
>
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>
> _______________________________________________________________________
>
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>
> _______________________________________________________________________
>
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART