Alert on secure interface from down to up

Question

I would like to get alerts on interfaces of certain devices (firewalls, routers, and data center switches) that show when an interface, which is supposed to be down, changes to an up status (think of this as change control enforcement and a security alert).

In otherwords, once a firewall is configured, I better not see an interface initially configured as down go to an "up" state (there are reasons for not being able to control this in the interface configuration).  Similarly, in the data center, I want to make sure I know what is connected to each interface, so if someone plugs something in to a port, and I don't plan for it, I want an alert.

Has anyone implemented something like that.  I can probably figure this from scratch, but don't want to reinvent the wheel.

karltbraun · Answer

Mav,

We don't have NCM (but I'm considering looking into that).  But #3 seems to be what I was looking for.  Don't know why I didn't think of that.

Thanks for getting back to me.

-ktb

mavturner · Answer

There are a few ways to address these concerns.

* You can use the Change Control mechanism in NCM to be alerted when a configuration changes (leveraging SNMP traps and syslogs).
* You can use UDT to track what is connected.
* You could just create an alert for interface status UP AND interfaces with a custom property and add the custom property to all of those interfaces. This should be a fairly straightforward alert. Have you tried to do this? I'm happy to help walk you through it if  you need more details.

Mav

karltbraun · Answer

I wonder if it would be possible to get a reply from Solarwinds on this?