| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Monitoring Firewalls - Big Brother anyone?
Greetings!
I am looking for some suggestions for monitoring our firewalls (4.1 running
on Solaris 7) from a UNIX server point of view, ie, available diskspace,
CPU load, memory usage, etc.
>From the archives, I can see that some folks stick to standard UNIX
commands (vmstat, sar, etc.), some use the Checkpoint SNMP agents and
others use Big Brother.
I'm a bit reluctant to use any sort of SNMP agent on a firewall, even if it
comes from the Firewall Software Vendor itself, because of the historical
insecurity of SNMP v. 1 and v.2. Does anyone care to comment on the
security or insecurity of Checkpoint's SNMP agent?
At the moment, I'm inclined to use Big Brother, which is available for free
and runs as an unprivileged user on an unprivileged port (port 1984 of
course!) and I'm curious whether anyone on the list has any advice for
configuring Big Brother (or something similar) in a secure fashion. I'm
further hoping that we can tunnel Big Brother through SSH so that we can
encrypt the sessions and use publickey authentication.
Please drop me a line if you have any recommendations for monitoring our
firewalls. We basically want to get alerted if there is a problem with the
machine itself, such as a memory issue or full hard disk. I'm a little
less interested in network statistics at the moment.
Thanks in advance for any suggestions.
Joel
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
