nv-l
[Top] [All Lists]

Managing Firewalls

To: nv-l@lists.tivoli.com
Subject: Managing Firewalls
From: Brad Martin <bmartin@METLIFE.COM>
Date: Wed, 21 Jul 1999 15:00:09 -0400
Reply-to: Discussion of IBM NetView and POLYCENTER Manager on NetView <NV-L@UCSBVM.UCSB.EDU>
Sender: Discussion of IBM NetView and POLYCENTER Manager on NetView <NV-L@UCSBVM.UCSB.EDU>
Does anyone have experience managing Cisco PIX firewalls? By design, Cisco
doesn't allow ICMP pings to the Outside and DMZ interfaces. In addition, the
SNMP agent doesn't support the IP or AT tables (making discovery nearly
impossible). At present, the firewalls are defined as a generic "Connector"
objects. The non-pingable interfaces were manually added and then unmanaged.

According to Cisco, the only way to determine that everything is OK is to send
an snmpget to the inside interface requesting the status MIB's in the interface
table. I can write the scripts to verify status, but I'm not sure how to modify
the map icons and keep netmon from changing it back.

Brad Martin
MetLife (212) 578-8884.

<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web