### On Wed, 12 Jun 2002 18:37:07 -0400 (EDT), jeffrey arnold ### <jba@analogue.net> casually decided to expound upon <nanog@merit.edu> ### the following thoughts about "Re: What's wrong with provisioning ### tools?": ja> On Wed, 12 Jun 2002, Stephen Griffin wrote: ja> ja> :: I would be really surprised if anything other than mom-and-pop shops ja> :: didn't have _at least_ this. ja> :: ja> :: rtrmon or rancid can do great config archiving and provide difference ja> :: output. ja> ja> I don't think the issue is detecting change as much as it is associating ja> change to specific goals/tickets, etc.. If an ACL changes on a router, ja> rancid will pick it up, but right now there is no automated way to tell ja> whether that was as a result of a customer request or a security breach. I've had quite a bit of experience with config management tools and have written some myself many years ago as did probably others due to the at the time lack of such things. However, many vendors are providing thrid-party solutions. The one I've seen that seems most suited to an ISP environment is GoldWire although to be honest, I have not really looked in-depth into such products for almost a year now so there might be others. -- /*===================[ Jake Khuon <khuon@NEEBU.Net> ]======================+ | Packet Plumber, Network Engineers /| / [~ [~ |) | | --------------- | | for Effective Bandwidth Utilisation / |/ [_ [_ |) |_| N E T W O R K S | +=========================================================================*/