This is a multi-part message in MIME format.

--===============0622705476==
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_001D_01C8ABF3.54FB3110"

This is a multi-part message in MIME format.

------=_NextPart_000_001D_01C8ABF3.54FB3110
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

Have you looked into the SolarWinds products? I have used the Orion fault
and network performance management platform very successfully and had a full
copy of the Engineer's Toolset installed on a laptop that I used at multiple
facilities. The Orion product was very easy to setup and get functioning. It
is extremely scalable also. I initially setup the test Orion system manually
and found it very simple to do. It took about two days from opening the box
until operational monitoring about 30 nodes in a 500 node network. The most
time consuming problem was correcting the device configurations to support
the SNMP access which I finally 'scripted'. I just ha to manually connect
and fire off the script that logged me in (TACCAS+), shutdown any existing
SNMP, restarted SNMP with a 'standardized' config.



When I finally setup the operational Server I had the Toolset which made the
Orion Setup even faster. I used the toolset to 'map' the network and the
'dumped' the map directly into the Orion. This allowed me to complete the
initial setup in of half the nodes in a week. Again I had to 'reset' the
SNMP configs on most nodes. This was from box opening to 50% monitoring
including setting up the server OS.





_____

From: firewall-wizards-bounces@listserv.icsalabs.com
[mailto:firewall-wizards-bounces@listserv.icsalabs.com] On Behalf Of Mike
Davis
Sent: Wednesday, April 30, 2008 11:02 AM
To: 'firewall-wizards@listserv.icsalabs.com'
Subject: [fw-wiz] Cisco Security Manager clone?



This is my first posting so be gentle ;-)



I have an environment that is all Cisco based firewalls for my edge
protection and site to site vpns. I have a little over 100 remote sites
running on ASA 5505's with an AES Tunnel to both the primary (HQ) and
secondary (DR ) sites. It is working quite nicely and has been for years
now but the problem I have is this. all my remote site firewalls are not
centrally managed in the sense that I can make one change in a console and
push it globally to all my remote firewalls so that when a change is
required, I have to log into each and every one (I use SSH) and make the
changes.

I know that Cisco Security Manager will allow me to do that but at the 100K
pricetag I was quoted from Cisco with the blink of an eye. I just cannot put
that into my budget.



Does anyone know of or can recommend any freeware or low-cost-ware
application that will allow me to monitor and make global config changes
without having to SSH to each one? The ability to segregate into groups and
manage based upon groups would certainly be a plus as well but not a
requirement.



Thanks in advance!



Mike Davis




------=_NextPart_000_001D_01C8ABF3.54FB3110
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

xmlns=3D"urn:schemas-microsoft-comfficeffice" =
xmlns:w=3D"urn:schemas-microsoft-comffice:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40"
xmlns:ns0=3D"http://schemas.microsoft.com/office/2004/12/omml">


charset=3Dus-ascii">










style=3D'font-size:
10.0pt;font-family:Arial;color:blue'>Have you looked into the SolarWinds =
products?
I have used the Orion fault and network performance management platform =
very
successfully and had a full copy of the Engineer's Toolset installed on =
a
laptop that I used at multiple facilities. The Orion product was very =
easy to
setup and get functioning. It is extremely scalable also. I initially =
setup the
test Orion system manually and found it very simple to do. It took about =
two
days from opening the box until operational monitoring about 30 nodes in =
a 500
node network. The most time consuming problem was correcting the device =
configurations
to support the SNMP access which I finally ‘scripted’. I =
just ha to
manually connect and fire off the script that logged me in (TACCAS+), =
shutdown
any existing SNMP, restarted SNMP with a ‘standardized’ =
config.>>



style=3D'font-size:
10.0pt;font-family:Arial;color:blue'>>



style=3D'font-size:
10.0pt;font-family:Arial;color:blue'>When I finally setup the =
operational
Server I had the Toolset which made the Orion Setup even faster. I used =
the
toolset to ‘map’ the network and the ‘dumped’ =
the map directly
into the Orion. This allowed me to complete the initial setup in of half =
the
nodes in a week. Again I had to ‘reset’ the SNMP configs on =
most
nodes. This was from box opening to 50% monitoring including setting up =
the
server OS.>>



style=3D'font-size:
10.0pt;font-family:Arial;color:blue'>>



style=3D'font-size:
10.0pt;font-family:Arial;color:blue'>>





size=3D3
face=3D"Times New Roman"> style=3D'font-size:12.0pt;font-family:"Times New Roman"'>






style=3D'font-size:10.0pt;
font-family:Tahoma;font-weight:bold'>From:
size=3D2
face=3DTahoma>
firewall-wizards-bounces@listserv.icsalabs.com
[mailto:firewall-wizards-bounces@listserv.icsalabs.com] style=3D'font-weight:bold'>On Behalf Of
Mike Davis

Sent: Wednesday, April =
30, 2008
11:02 AM

To:
'firewall-wizards@listserv.icsalabs.com'

Subject: [fw-wiz] Cisco =
Security
Manager clone?
Roman"> style=3D'font-size:12.0pt;font-family:"Times New =
Roman"'>>>





style=3D'font-size:11.0pt'>>



style=3D'font-size:11.0pt'>This
is my first posting so be gentle ;-)>>



style=3D'font-size:11.0pt'>>



style=3D'font-size:11.0pt'>I
have an environment that is all Cisco based firewalls for my edge =
protection
and site to site vpns.  I have a little over 100 remote sites =
running on
ASA 5505’s with an AES Tunnel to both the primary (HQ) and =
secondary (DR
) sites.  It is working quite nicely and has been for years now but =
the problem
I have is this… all my remote site firewalls are not centrally =
managed in
the sense that I can make one change in a console and push it globally =
to all
my remote firewalls so that when a change is required, I have to log =
into each
and every one (I use SSH) and make the =
changes.>>



style=3D'font-size:11.0pt'>I
know that Cisco Security Manager will allow me to do that but at the =
100K
pricetag I was quoted from Cisco with the blink of an eye… I just =
cannot
put that into my budget.  >>



style=3D'font-size:11.0pt'>>



style=3D'font-size:11.0pt'>Does
anyone know of or can recommend any freeware or low-cost-ware =
application that
will allow me to monitor and make global config changes without having =
to SSH
to each one?  The ability to segregate into groups and manage based =
upon
groups would certainly be a plus as well but not a =
requirement.>>



style=3D'font-size:11.0pt'>>



style=3D'font-size:11.0pt'>Thanks
in advance!>>



style=3D'font-size:11.0pt'>>



face=3DCalibri> style=3D'font-size:11.0pt;color:black;font-weight:bold'>Mike =
Davis>>



style=3D'font-size:11.0pt'>>









------=_NextPart_000_001D_01C8ABF3.54FB3110--


--===============0622705476==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards

--===============0622705476==--