RE: Rancid anyone?

From: Eric.Stuhl@ferguson.com
Date: Mon Dec 11 2006 - 11:54:56 ART

• Next message: Tony Schaffran: "RE: anybody passed the CCIE r/s exam ?"
• Previous message: Gabriel Nunes: "Re: anybody passed the CCIE r/s exam ?"
• Maybe in reply to: Darby Weaver: "Rancid anyone?"
• Next in thread: Ben: "Re: Rancid anyone?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

        This is true, to an extent. Rancid relies on using the expect
function to look for a "#" character (among others). If your banner has
any form of that character in it, you could be in for some lengthy
troubleshooting. Not that I'm speaking from experience, or anything.
        
        I guess my point is that open source software is great, but
don't underestimate the amount of time you could be taking to set it up.
I've personally had excellent experiences with rancid, but there are
situations where it may not be the optimal choice (unless you have
enough programming skills to know how to get around certain obstacles).

Eric Stuhl
CCIE 16349
Ferguson Enterprises
eric.stuhl@ferguson.com
(757)-969-4146
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Darby Weaver
Sent: Monday, December 11, 2006 8:02 AM
To: Godswill Oletu; Brad Ellis; Cisco certification
Subject: Re: Rancid anyone?

Godswill,

Actually it is a freebie.

When used with CVS, it allows one to maintain a version control system
and the ability to have the config changes emailed on a recurring basis.

Now, if you take advantage of using apache, you have a very nice
graphical interface from which you can compare configs and what changed.

If one has a TACACS+ or ACS installed one now has a full accountability
system.

And perhaps at little or no cost except modest hardware requirements.

Alterpoint, Opsware, CiscoWorks are all somewhat expensive and can cost
in the thousands...

For a small shop, RANCID is free and can be set up literally within a
few minutes to an hour, even by a novice...

Hmmm...

--- Godswill Oletu <oletu@inbox.lv> wrote:

> Darby,
>
> That was one darn good sales piece; hope you negotiated a very fat
> commission?:)
>
> Godswill Oletu
> CCIE #16464
>
> ----- Original Message -----
> From: "Darby Weaver" <darbyweaver@yahoo.com>
> To: "Darby Weaver" <darbyweaver@yahoo.com>; "Brad Ellis"
> <brad@ccbootcamp.com>; "Cisco certification"
> <ccielab@groupstudy.com>
> Sent: Monday, December 11, 2006 12:34 AM
> Subject: Re: Rancid anyone?
>
>
> > If you are located in the US, regardless of your
> > feelings, chances are that you need rancid or
> > something like it for legal compliance -- between
> SOX,
> > FISMA, and HIPAA, most commercial and government
> > entities need lots of monitoring. If you don't
> think
> > you need it now, but you are subject to any kind
> of
> > auditing and haven't been audited yet, do yourself
> a
> > favor and implement it now.
> >
> > Quite aside from legal issues, tools like rancid
> are
> > great for lots of real-life reasons. They are
> good
> > for:
> >
> > * detecting surprise changes ("when did that
> change
> > occur? Sure would be nice to have an automated
> tool
> > to tell us when someone makes a change in the
> middle
> > of the night and forgets to send email");
> >
> > * security monitoring of routers ("where did that
> > permissive ACL come from? Sure would be nice if a
> > tool could tell us what changes occurred on
> routers,
> > so if anything suspicious happens, we can know
> > immediately instead of when it ends up in the
> media");
> >
> > * exercising router flashes ("Whoops, the flash
> went
> > bad but the device continued to function
> in-memory, so
> > nobody noticed until a power outage. Sure would
> be
> > nice if we had a tool that periodically logged in
> to
> > devices and ran a bunch of commands that
> demonstrate
> > that it is working well");
> >
> > * backing up configs ("Our last manual backup of
> the
> > router config was 5 years ago; we've upgraded it
> > twice, and added lots of ACLs since then.
> Wouldn't an
> > automated way to get config backups make sense?")
> >
> >
> > --- Darby Weaver <darbyweaver@yahoo.com> wrote:
> >
> > > Actually,
> > >
> > > I was thinking more of SolarWind's Cirrus
> product.
> > >
> > > And I was talking about Rancid and its usage of
> CVS
> > > (Common Versioning System) to email configs of
> one's
> > > network's devices to report change.
> > >
> > > I was thinking in terms of using these tools in
> > > conjuntion with Cisco ACS for instance in the
> sense
> > > of
> > > Change Management and accountability.
> > >
> > >
> > >
> > > --- Brad Ellis <brad@ccbootcamp.com> wrote:
> > >
> > > > I fly a Cirrus SR-22...does that count???
> > > >
> > > > (actually, the darn thing almost ran me over
> > > > yesterday...was pulling it out
> > > > of the hanger down a steep downslope and the
> > > > co-pilot side brakes
> > > > failed...not a fun day)
> > > >
> > > > -b
> > > > ----- Original Message -----
> > > > From: "Darby Weaver" <darbyweaver@yahoo.com>
> > > > To: "Cisco certification"
> <ccielab@groupstudy.com>
> > > > Sent: Sunday, December 10, 2006 9:19 PM
> > > > Subject: Rancid anyone?
> > > >
> > > >
> > > > > Anyone using Rancid?
> > > > >
> > > > > Or are most using CatTools? CiscoWorks? or
> > > Cirrus?
> > > > >
> > > > >
> > > >
> > >
> >
>

• Next message: Tony Schaffran: "RE: anybody passed the CCIE r/s exam ?"
• Previous message: Gabriel Nunes: "Re: anybody passed the CCIE r/s exam ?"
• Maybe in reply to: Darby Weaver: "Rancid anyone?"
• Next in thread: Ben: "Re: Rancid anyone?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART