[unisog] Is anyone using the Cisco FWSM - auditing

Eric Appelboom eric at mweb.com
Wed Jul 6 12:39:44 GMT 2005


 
Hi,

I am to take over policy administration of an FWSM blade; however,
with SOX etc., what accountability controls are available on FWSM?

Could any network engineer with the enable password make changes to FWSM
policies?
Could FWSM access be delegated only to specific users?

I am concerned that ~networks team could make changes without following
proper change controls.
I hope I don't have to rely on audit trails.

What are the best policy management tools?
When will ver7.0 of FWSM be available?
Does one have policy revision on FWSM?

Regards
Eric

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Huba Leidenfrost
Sent: 01 July 2005 19:57 PM
To: 'UNIversity Security Operations Group'
Subject: Re: [unisog] Is anyone using the Cisco FWSM

I don't understand what your sentence "Cisco fwsm needs a switch for
force on ip addresses instead of names so you can study ip ranges."
means.  Would you please explain what you mean?

Thanks,
Huba Leidenfrost
huba at uidaho.edu
ITS Security Analyst
University of Idaho
208.885.2126/7539(fax)

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org]
On Behalf Of Allen Rueter
Sent: Friday, June 24, 2005 6:59 AM
To: UNIversity Security Operations Group
Subject: Re: [unisog] Is anyone using the Cisco FWSM


Lucent Brick is better too.

Cisco fwsm needs a switch for force on ip addresses instead of names so
you can study ip ranges.

Allen Rueter

On Thu, Jun 23, 2005 at 07:54:10PM -0500, Velasquez Venegas Jaime Omar
wrote:
> Hello.
> 
> I am running a Cisco FWSM blade over here. I've been testing "Cisco VMS
> 2.3/Monitoring Center for Security 2.0" in order to analyze logs from
> FWSM.
> Although I'm not done with my testing yet, my impression is that its
> logging details are not as informative as a Checkpoint Firewall-1
> Management Center which I used to run.
> Is there anybody here who runs Cisco FWSM and can share his/her
> experiences on logging tools?
> 
> Thanks
> 
> JaimeO
> 


-- 

Allen P. Rueter              314/935-6429 Fx:314/935-7302
Director of CTS              allen at cts.wustl.edu
Camp Box 1045 Bryan Rm 509     ___ ___ ___
Washington University         / __|_ _/ __|
One Brookings Dr.            | (__ | |\__ \
St. Louis MO  63130           \____|_|____/
Office: 406B Lopata
_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog

