--===============1851661585==
Content-Type: multipart/alternative;
boundary="----=_Part_8986_21118424.1209702869597"

------=_Part_8986_21118424.1209702869597
Content-Type: text/plain; charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Check out Kiwi Cat Tools. I've used it for a while now and found it to be
quite helpful in a situation like yours. I manage a network with 67 ASA 550=
5
firewalls in remote offices connected back to a central ASA 5520 via IPSec
VPN. Kiwi works very well to push mass changes to these devices in minutes,
and has a nice handy feature in that you can schedule it to automatically
back up your configs to your management server for safe keeping. Kiwi is by
no means a replacement for CSM but it does a pretty good job.

It will interface to the devices via Telnet, SSH, etc. I personally
interface to my devices via SSH but your mileage and requirements may vary.
It also supports a wide variety of other Cisco devices - switches, routers,
etc. Licensing is by device count.

If I recall correctly you can download an eval copy of it and it will manag=
e
a small set of devices fully functional so you can try it out and see if it
works for what you need.

Hope this helps. Good luck!

On Wed, Apr 30, 2008 at 11:01 AM, Mike Davis wrote:

> This is my first posting so be gentle ;-)
>
>
>
> I have an environment that is all Cisco based firewalls for my edge
> protection and site to site vpns. I have a little over 100 remote sites
> running on ASA 5505's with an AES Tunnel to both the primary (HQ) and
> secondary (DR ) sites. It is working quite nicely and has been for years
> now but the problem I have is this=85 all my remote site firewalls are no=

t
> centrally managed in the sense that I can make one change in a console an=

d
> push it globally to all my remote firewalls so that when a change is
> required, I have to log into each and every one (I use SSH) and make the
> changes.
>
> I know that Cisco Security Manager will allow me to do that but at the
> 100K pricetag I was quoted from Cisco with the blink of an eye=85 I just
> cannot put that into my budget.
>
>
>
> Does anyone know of or can recommend any freeware or low-cost-ware
> application that will allow me to monitor and make global config changes
> without having to SSH to each one? The ability to segregate into groups =

and
> manage based upon groups would certainly be a plus as well but not a
> requirement.
>
>
>
> Thanks in advance!
>
>
>
> *Mike Davis*
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailma...rewall-wizards
>
>


------=_Part_8986_21118424.1209702869597
Content-Type: text/html; charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Check out Kiwi Cat Tools. I've used it for a while now and found it to =
be quite helpful in a situation like yours. I manage a network with 67 ASA =
5505 firewalls in remote offices connected back to a central ASA 5520 via I=
PSec VPN. Kiwi works very well to push mass changes to these devices in min=
utes, and has a nice handy feature in that you can schedule it to automatic=
ally back up your configs to your management server for safe keeping. Kiwi =
is by no means a replacement for CSM but it does a pretty good job.


It will interface to the devices via Telnet, SSH, etc. I personally int=
erface to my devices via SSH but your mileage and requirements may vary. It=
also supports a wide variety of other Cisco devices - switches, routers, e=
tc. Licensing is by device count.


If I recall correctly you can download an eval copy of it and it will m=
anage a small set of devices fully functional so you can try it out and see=
if it works for what you need.

Hope this helps. Good luck!


On Wed, Apr 30, 2008 at 11:01 AM, Mike Davis &lt=
;mdavis@gsp.net> wrote:
uote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, 204, 20=
4); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">













This is my first posting so be gentle ;-)



 



I have an environment that is all Cisco based firewalls for
my edge protection and site to site vpns.  I have a little over 100 re=
mote
sites running on ASA 5505's with an AES Tunnel to both the primary (HQ)
and secondary (DR ) sites.  It is working quite nicely and has been fo=
r
years now but the problem I have is this=85 all my remote site firewalls
are not centrally managed in the sense that I can make one change in a cons=
ole
and push it globally to all my remote firewalls so that when a change is
required, I have to log into each and every one (I use SSH) and make the
changes.



I know that Cisco Security Manager will allow me to do that
but at the 100K pricetag I was quoted from Cisco with the blink of an eye=
=85
I just cannot put that into my budget. 



 



Does anyone know of or can recommend any freeware or
low-cost-ware application that will allow me to monitor and make global con=
fig
changes without having to SSH to each one?  The ability to segregate i=
nto
groups and manage based upon groups would certainly be a plus as well but n=
ot a
requirement.



 



Thanks in advance!



 



Mike Davis



 









_______________________________________________

firewall-wizards mailing list

firewall-wizards@=
listserv.icsalabs.com


target=3D"_blank">https://listserv.icsalabs.com/mailma...nfo/firewall-=
wizards