[c-nsp] PIX/ASA Change Control

Sigurbjörn Birkir Lárusson sigurbjornl at vodafone.is
Thu Jun 25 11:01:59 EDT 2009 

I'm using rancid with good results for the same purpose

The only problem I've seen is that with the ASA when you make changes there
is sometimes re-ordering in the config, or a slight difference in tabulation
(I've seen missing spaces in network-object groups for example) between the
configs so the config diff is slightly bigger than it should be, isn't
really a big problem though.

And yeah, rancid is awesome.

BR,

----------------------------------------------------------------------

      `./syso//-.         Sigurbjorn B. Larusson
    .omMNy:`.sNMNh/`      Network Specialist
  `+NMMd-   /hNMMMMd-     Routing and Transmission
  +MMMd.      `oMMMMN.    sigurbjornl at vodafone.is
  MMMM+         oMMMM/    +354 599 9000
  MMMMy`        +MMMM/
  oMMMMy`     `+MMMMN.    Vodafone
  `oNMMMMhsosyNMMMMm:     Skutuvogi 2
    -sNMMMMMMMMMMmo.      104 Reykjavik
      `:ssyhhys+-`        Iceland
                          www.vodafone.is
        vodafone          DISCLAIMER: http://www.vodafone.is/disclaimer



On 25.6.2009 11:33, "Ryan West" <rwest at zyedge.com> wrote:

> No. It's really awesome.
> 
> Sent from handheld.
> 
> On Jun 25, 2009, at 5:19 AM, "William" <willay at gmail.com> wrote:
> 
>> Hi Mark,
>> 
>> Try RANCID (http://www.shrubbery.net/rancid/) - its free and awesome!
>> 
>> Cheers,
>> 
>> Will
>> 
>> 2009/6/25 Kelsay, Mark <mark.kelsay at confused.com>:
>>> I have recently taken over management of about 10 Firewalls.  We
>>> have a
>>> mix of ASA and PIX's.  I am currently using a text file to track
>>> changes
>>> I make to the firewalls.  I would like to find a piece of software
>>> that
>>> is geared to doing this more efficiently.  I have Googled and did not
>>> find anything that fits the bill.
>>> 
>>> 
>>> 
>>> What are you using that you would recommend?
>>> 
>>> 
>>> 
>>> 
>>> 
>>> Thanks,
>>> 
>>> 
>>> 
>>> Mark
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> ****** This email is sent for and on behalf of Inspop.com Limited
>>> ******
>>> Authorised and regulated by the Financial Services Authority.
>>> Registration no. 310635.
>>> Inspop.com Limited [also trading as "Confused.com"] is registered
>>> in England and Wales at 2nd Floor, Friary House, Greyfriars Road,
>>> Cardiff, CF10 3AE [Reg. No. 03857130].  Any opinions expressed in
>>> this email are those of the individual and not necessarily the
>>> company. This email and any files transmitted with it, including
>>> replies and forwarded copies  [which may contain alterations]
>>> subsequently transmitted from the Company, are confidential  and
>>> solely for the use of the intended recipient. It may contain
>>> material protected by  attorney-client privilege. If you are not
>>> the intended recipient or the person responsible for  delivering to
>>> the intended recipient, be advised that you have received this
>>> email in error  and that any use is strictly prohibited.
>>> If you have received this email in error please notify the
>>> Information Security Officer by  telephone on +44 [0] 29 2043 4372.
>>> Please then delete this email and destroy any copies of it.   This
>>> email has been swept for viruses before leaving our system.
>>> Security Warning: Please note that this email has been created in
>>> the knowledge that Internet  email is not a 100% secure
>>> communications medium.  We advise that you understand and accept
>>> this lack of security when emailing us.
>>> Viruses: Although we have taken steps to ensure that this email and
>>> any attachments are free  from any virus, we advise that in keeping
>>> with good computing practice the recipient should  ensure they are
>>> actually virus free.
>>> We may monitor the content of E-mails sent and received via our
>>> network for viruses or  unauthorised use and for other lawful
>>> business purposes.
>>> 
>>> 
>>> ________________________________________________________________________
>  
> 
>>> This e-mail has been scanned for all viruses by Messagelabs. The
>>> service is powered by MessageLabs.
>>> ________________________________________________________________________
>  
> 
>>> _______________________________________________
>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>> 
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list