Managing IOS Configuration Snippets

• Previous message (by thread): Managing IOS Configuration Snippets
• Next message (by thread): Managing IOS Configuration Snippets
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We are evaluating a piece of software called Skybox:

	http://www.skyboxsecurity.com/

It's geared to security analytics, but it does allow you to 
define configurations that are expected on a device, what 
software version it is running, whether commands that aren't 
there are, and those that should be there aren't, e.t.c.

It supports all major network equipment vendors, and also 
allows for simple or complex regular expressions that can be 
used to search configuration files more easily.

It is an offline system, so all you do is regularly present 
it with a text file of the device's running configuration, 
and it will do the necessary checks per the policy you have 
defined.

Based on the configuration files it has, it can also create 
a visual model of your network. Not something you'd rely on 
given you have other tools for that, but kind of cool, 
nonetheless.

Worth a look, I'd say.

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140227/93831630/attachment.sig>

• Previous message (by thread): Managing IOS Configuration Snippets
• Next message (by thread): Managing IOS Configuration Snippets
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]