[CentOS] OT: Managing change control in servers, LDAP, firewalls and switches question
Michael Grinnell
grinnell at american.edu
Fri Jan 23 17:26:58 UTC 2009
Les Mikesell wrote:
> Erick Perez wrote:
>> Currently we manage several switches,firewalls and MS LDAP and Centos
>> OpenLDAP installations.
>> We are looking for a "man in the middle" or "framework" to manage
>> change on our network devices and LDAP-based servers.
>> We are looking into a similar solution (Quest Software does not have
>> that for devices) to perform change and control on the routers,
>> switches and firewalls.
>
> There was a tool called pancho (http://www.pancho.org/) that claimed to
> to do automated router and switch management, but it seems to no longer
> be supported, and personally, I'd trust a person more than a script with
> that sort of job. On the other hand, maintaining backup copies of
> configurations before/after changes is something very worthwhile and not
> difficult for anything that has text based configurations. Just make
> sure that changes are copied back and committed to a central version
> control system like cvs or svn (which you can wrap with viewvc for easy
> display of history and changes). A tool called rancid
> (http://www.shrubbery.net/rancid/) will automate this for many routers,
> switches and firewalls, and will also pick up any unexpected changes.
>
Rancid is a great tool, and has worked well for us as a configuration
monitor and config repository. Another new alternative that is similar
is ZipTie, now called NetworkAuthority Inventory
(http://inventory.alterpoint.com/). For a pay solution, I believe
SolarWinds has some products.
Michael Grinnell
Information Security Engineer
The American University
More information about the CentOS
mailing list