There are tons of products out there. You could try looking at Cisco Network Compliance Manager. It supposedly has built-in compliance rules for financial institutions (GLB, SOX, etc). If you want to pay, people will gladly take your money. Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS Senior Network Engineer Coleman Technologies, Inc. 954-298-1697 From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of jamie Sent: Tuesday, April 15, 2008 9:35 AM To: Phil Regnauld Cc: nanog@merit.edu Subject: Re: enterprise change/configuration management and compliance software? On Tue, Apr 15, 2008 at 2:31 AM, Phil Regnauld <regnauld@catpipe.net> wrote: jamie (j) writes:
`
device, and by 'device' i mean router and/or switch) configuration management (and (ideally) compliance-auditing_and_assurance) software.
We currently use Voyence (now EMC) and are looking into other options for various reasons, support being in the top-3 ...
So I guess using something tried, tested and free like Rancid + ISC's audit scripts are not within scope ? That was my first thought, but the in the industry I'm currently in (financial), open sourceware for things like this is a definite [fail].
So, I pose: To you operators of multi-hundred-device networks : what do you use for such purposes(*) ?
Rancid :) (+ and now some home developed stuff) fail
This topic seemed to spark lively debate on efnet,
The current weather would spark lively debate on most IRC channels. Phil haha. depends on the day and what other scandals were ao