LogAnalysis
[logs] Configuration tool Jan 15 2008 05:18PM
James B Horwath (Jim_Horwath glic com) (3 replies)
Re: [logs] Configuration tool Jan 15 2008 11:12PM
Mark Bagley (mbagley splunk com)
Re: [logs] Configuration tool Jan 15 2008 06:34PM
Ron Gula (rgula tenablesecurity com)
James B Horwath wrote:
> Does any have any tool recommendations for configuration management tools
> for log adherence. This tool would audit configuration settings of a file
> checking for adherence to a standard. Tripwire will not work because I
> need to check variable settings which may be different from host to host.
> Group Policy should work on windows but what about routers, switches,
> Unices, etc. Any suggestions?
>
> Please advise,
> Jim

Nessus can do this when subscribed to the Direct Feed ($1200/year) or
managed by the Security Center. There are a wide variety of policies
available to make sure logging is enabled for many different OSes and
applications. You can also create very fine-grained "setting checkers".
Many of the policies have been certified by CIS as well.

You can see a demo video (does NOT require registration) here:
http://www.nessus.org/demos/ (click on the "CIS Audit")

There are also a bunch of blog entries along these lines here:
http://blog.tenablesecurity.com/2007/02/automated_audit.htm
http://blog.tenablesecurity.com/2006/09/creating_gold_b.html
http://blog.tenablesecurity.com/2007/09/using-nessus-co.html

Nessus does not do this for routers and switches (yet). However, we do
have a few customers that have written audit policies to analyze router,
firewall and switch configurations that have been stored on a UNIX server.

Ron Gula
Tenable Network Security
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

[ reply ]
RE: [logs] Configuration tool Jan 15 2008 06:01PM
Clayton Dukes (cdukes) (cdukes cisco com)


 

Privacy Statement
Copyright 2010, SecurityFocus