3 Replies Latest reply on Dec 3, 2010 1:44 PM by christineb

    Feature Request: Access-List


      Hi All,

      I have just posted a feature request onto the Customer Portal for the below, what is everyone elses view on it?

      We find Solarwinds NCM very good for backing up network devices and for change control but the one thing we would find of value is having a better system for documenting the purpose of each rule in an access-list on firewalls or L3 switches.

      Can NCM get more involved (down and dirty) with displaying the access-lists? For example... being able to view each entry in an access-list per device, as its own object ... (per say).

      Something similar to how APM works with component monitors so that we can:

      - Add comments / descriptions etc to each rule in an access-list, whether this gets pushed to the device depends on vendor support

      - Reference products / services for our own internal use

      - It would give the community the ability to publish custom firewall templates to Thwack rather than having to read through loads of vendor provided documentation etc

      - It would assist in building new rule sets, e.g. "it looks like your trying to create an access-list" then select which applications you are going to use (from these templates), bam, one access-list, obviously there may be variables along the way such as source/dest but these can be queried via the Node Browser.

      - It would allow us to quickly and easily review at a glance what the purpose of each rule is without having to login to the device itself via cli/gui or use another vendors product.

      - It would allow us to present a report specifically focused on access-lists too

      - It would help with auditors.

      - It would help us display a single access-list (or view it side by side another access-list) for devices across our entire estate.

      Considering NCM already has the full device config of our box's, parsing this configuration for the access list and displaying it in table format where we can interact with it more.... "should be possible"?

      Access-Lists by bulk from Solarwinds, who wouldn't want that appreciate other peoples views on this topic

        • Re: Feature Request: Access-List


          Thanks for your extensive feedback. I'll see that the PM reviews it.

          Can you tell me what version of NCM you are running?



            • Re: Feature Request: Access-List

              Thanks for the feedback Marie, appreciated fyi we are running NCM 6.

              Obviously command line gurus are always going to prefer ssh for viewing/changing things like this but typically after a firewall goes in with a baseline configuration the likely thing to change from that point is the access-list, coupled with the fact that when you are diagnosing an issue one of the first things checked is the access-list.

              Being able to do this in bulk for those who don't have the vendors wizbang management tool, have a multivendor estate, are command line challenged or simply prefer the web console.... would feel less pain being able to do it from a single place :-)