Friday 17 April 2009

There has to be an easier way

Well I am still alive although as the title of this post suggests things are not going all that smoothly at the moment. So when I say there has to be an easier way I do not mean of bringing up two young children (I thought one was bad, one is a picnic compared to two :-) ) or studying for a CCIE (although I wish there was). What I really mean is there has to be an easier way of managing a PIX/ASA/FWSM whatever you want to call them.

I am not really much of a firewall person but my job at the moment involves a lot of firewall stuff and mainly on the FWSM modules. I have had a bit of Checkpoint experience before and I know Etherealmind had a post about ditching Checkpoint since their support was so rubbish. However although their support may be rubbish (I am lucky I have never had to experience it) their product in my opinion is superior to what you get from Cisco. How on earth have Cisco not got anything that compares to SmartView Tracker when trying to figure out what is happening on your firewall? Unless I am missing something you can try and look through Syslogs or the logging output on screen. I cannot find a way to filter as easily as in Checkpoint and I even have trouble finding stuff at the moment. I use Kiwi Syslog Viewer so if anyone has any better suggestions they would be most welcome. Also when you have multiple interfaces and multiple firewall contexts the rule base can get very confusing for me at least so if anyone has any suggestions for good tools to use to edit PIX/ASA/FWSM ACLs I would appreciate it.

Apart from struggling with Cisco firewalls not much has been happening in my life. As you can probably see from the neglected state of this blog CCIE study has been non-existent in the last couple of months due to work and family commitments. I have no spare time in my life at the moment as if I am not working a horrendous amount of overtime I am looking after the kids to compensate for me not being around due to the overtime. Catch-22, although I am grateful I do have the work at the moment when so many people do not.

Hopefully once all my projects are out of the way and both kids at least sleep through the night then I will be able to get back on track with my CCIE. In the meantime hopefully I will get a chance to maybe post about the FWSM (if I ever figure it out) and the new version of the CCIE Command Memorizer that I have not had much time to play with yet, or if that fails I may get a chance to produce some more whinging posts :-)

1 comment:

Anonymous said...

There is a very recent book out on the FWSM. Although I have only glanced at it, it does look pretty good so it might help you.

Also, you might try viewing the FWSM through the ASDM if it supports it. I'm a fan of Check Point solely for their log viewing so I have felt your pain.

Good luck.