The Perl idea using MRTG is pretty neat. I like that. It has nothing showing up now, with initial runs, but I am tweaking.
It appears to show utilization and traffic, but does any freeware show security issues? (attempts on closed ports/services, etc)??
-----Original Message-----
From: Daniel Crichton [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 09, 2002 10:45 AM
To: Clifford Thurber
Cc: [EMAIL PROTECTED]
Subject: Re: PIX 515
On 9 Apr 2002 at 11:27, Clifford Thurber wrote:
> I find it interesting that for a firewall as widely used as the PIX the
> reporting/logging is limited to one product - Webtrends. Is there are
> reason Cisco can not offer anything more than the eyesores you are forced
> to look at via a syslog server? The PIX logs are nasty things and some of
> the entries lower down(like the debug level) are in my opinion horribly
> documented. I think that running SNMP on a firewall is a big no no. I hope
> I am not alone in this opinion.
WebTrends is just ONE reporting product - it's not the only one. It's just
the only I tried that seems to have output I could make sense of, but
maybe that's because I used the Web Log analysis reports in the past. I
think Private-I (spelling?) has also been put forward in the past as a
good reporting tool, but I couldn't get the eval to work properly on my
PC.
As to SNMP, the PIX config requires that it only be allowed on the inside
interface (at least in v4 and v5, not sure about v6), and each inside IP
that requires access to SNMP must be explicitly defined.
Dan
---
D.C. Crichton email: [EMAIL PROTECTED]
Senior Systems Analyst tel: +44 (0)121 706 6000
Computer Manuals Ltd. fax: +44 (0)121 606 0477
Computer book info on the web:
http://computer-manuals.co.uk/
Want to earn money? Join our affiliate network!
http://computer-manuals.co.uk/affiliate/
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
