Hey Tim, We recently bought the NCM tool by SolarWinds as well. We've had it for two months, and I personally am quite happy with it. We had Cisco's CiscoWorks product for the last 5-6 years but ditched it because of it never quite works consistently. The thing to be aware of for config auditing, like with NCM's reports, is that in some environments config is ALWAYS changing. I'm in a small enterprise setup with a very dynamic datacenter and it is not abnormal to have a few hundred changes across a week with the number of server moves/rebuilds/expansions going on in our place. So in our case, we are primarily using NCM for pushing configs, and using the alerting of changes mostly to do spot checks on the fellow team-members. Since there are so many changes, it is nice to have visibility to make sure that appropriate standards are being met. David. On Wed, Oct 5, 2011 at 3:16 PM, Green, Timothy <Timothy.Green@mantech.com> wrote:
Hey all!
I'm a IT Security Manager (policy creation) that has been lurking on NANOG for about 3 years. I have some experience in networking but nothing like what is mostly talked about on here. I just love the talks you experts have and researching the tools you all mention. I was having a tough time yesterday explaining to one of my nosey co-workers why I had the word Octopussy on my screen yesterday!
I'm trying to put a baseline policy together for all my network equipment and I have a few questions:
1. Should config files be consistent? By this I mean; does the STIG apply its baseline to the config files or elsewhere?
2. Are config file change alerts necessary for the security of network equipment? We have just purchased the SolarWinds suite.
3. Should we obfuscate our Private addresses on our Network Diagram? What is the common practice?
4. How can I get a grip on my ACLs or is it even possible? How do you all maintain them without going insane!
If this isn't the correct forum for this "low level" stuff I understand; just guide me in the right direction.
Thanks in advance!
TG