The most recent content from our members.
I have a big issue with the way SolarWinds counts ACL lines compared to the actual rule number in Cisco ASAs. This started when we began running the built-in ACLs with overlapping rules report. While that report can be a big help, the Access Lists subview in a node's details creates more headaches than it relieves. Because…
Version 7.1 of SolarWinds Network Configuration Manager brings a few enhancements of the scripting language for Config Change Templates (CCT). (For all new features of NCM 7.1, please see .) This new functionality is especially useful for access-control list (ACL) creation. In this blog post, we provide a commented example…
Enhancement to Configuration Manager that has a workflow something like this: Create ACL {For which group? - choose location, device, etc.} -> Type of ACL {Wizard or create from template} -> Associate ACL {Which object to apply ACL to? - pick from vty, interface, etc.} -> Networks {choose networks and hosts - permit, deny…
Hello, I am trying to add 2 entries in a specific ACL in multiple switches. My plan is to copy the ACL, delete it and recreate it with the new entries in the end. Of course I want to do this with a script (or some kind of automation), but there are 2 issues: - The ACL in spite it has the same name, the content is different…
Cisco Identity Service Engine (ISE) is a new trend in the network security industry. It is a RADIUS server that provides granular control for access, profiling and authorization, using 802.1x. Since it is not only a security product but also an infrastructure management solution of some kind, it would be awesome to have NPM…
We are trying to build a compliance rule to check for a "log" statement at the end of each permit statement of an access-list. The entries in the ACL are different for each device but all entries must have the "log" at the end. For Example, this device should flag because one line is missing the "log" statement:…
Hi, one of our biggest challenges is to close the life cycle and mark an IP Address as available if not used anymore. The reason is that an IP Address might be configured in so many configuration files like ASA ACLs, IOS DHCP Reservations, IOS local hostnames, ... DNS, DHCP, ... It would be very helpful to specify a set of…
DO YOUR FIREWALLS HAVE ACCESS CONTROL LISTS OR OUT-OF-CONTROL LISTS? Do you badge in and out of your office each day? That electronic lock should be doing two things: making sure you can get in (and get to work), and keeping people who shouldn’t be there out. If the permissions aren’t right, you could be blocked from…
Hey everyone, I am writing some compliance checks for our Cisco switches and I have one that is checking some of our Access Lists for me. I have them checking to ensure that the required entries are present in the access list in between the start of the access list and the deny any any log at the end and that is working…
WHAT IS ATTRIBUTE-BASED ACCESS CONTROL? Attribute-based Access Control (ABAC) is an advanced variant of role-based access control (RBAC). ABAC is a logical access control model which controls access to objects by evaluating rules against the specific attributes of the access requesting entity. There are typically 4…