[CentOS] OT: Managing change control in servers, LDAP, firewalls and switches question
Les Mikesell
lesmikesell at gmail.com
Fri Jan 23 18:40:02 UTC 2009
Michael Grinnell wrote:
> Les Mikesell wrote:
>> Erick Perez wrote:
>>> Currently we manage several switches,firewalls and MS LDAP and Centos
>>> OpenLDAP installations.
>>> We are looking for a "man in the middle" or "framework" to manage
>>> change on our network devices and LDAP-based servers.
>
>>> We are looking into a similar solution (Quest Software does not have
>>> that for devices) to perform change and control on the routers,
>>> switches and firewalls.
>> There was a tool called pancho (http://www.pancho.org/) that claimed to
>> to do automated router and switch management, but it seems to no longer
>> be supported, and personally, I'd trust a person more than a script with
>> that sort of job. On the other hand, maintaining backup copies of
>> configurations before/after changes is something very worthwhile and not
>> difficult for anything that has text based configurations. Just make
>> sure that changes are copied back and committed to a central version
>> control system like cvs or svn (which you can wrap with viewvc for easy
>> display of history and changes). A tool called rancid
>> (http://www.shrubbery.net/rancid/) will automate this for many routers,
>> switches and firewalls, and will also pick up any unexpected changes.
>>
>
> Rancid is a great tool, and has worked well for us as a configuration
> monitor and config repository. Another new alternative that is similar
> is ZipTie, now called NetworkAuthority Inventory
> (http://inventory.alterpoint.com/). For a pay solution, I believe
> SolarWinds has some products.
If you are also doing SNMP monitoring of these resources, I believe
OpenNMS has some degree of integration with ziptie and some is currently
being added for rancid.
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list