[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Monitoring Firewalls - Big Brother anyone?
Greetings! I am looking for some suggestions for monitoring our firewalls (4.1 running on Solaris 7) from a UNIX server point of view, ie, available diskspace, CPU load, memory usage, etc. >From the archives, I can see that some folks stick to standard UNIX commands (vmstat, sar, etc.), some use the Checkpoint SNMP agents and others use Big Brother. I'm a bit reluctant to use any sort of SNMP agent on a firewall, even if it comes from the Firewall Software Vendor itself, because of the historical insecurity of SNMP v. 1 and v.2. Does anyone care to comment on the security or insecurity of Checkpoint's SNMP agent? At the moment, I'm inclined to use Big Brother, which is available for free and runs as an unprivileged user on an unprivileged port (port 1984 of course!) and I'm curious whether anyone on the list has any advice for configuring Big Brother (or something similar) in a secure fashion. I'm further hoping that we can tunnel Big Brother through SSH so that we can encrypt the sessions and use publickey authentication. Please drop me a line if you have any recommendations for monitoring our firewalls. We basically want to get alerted if there is a problem with the machine itself, such as a memory issue or full hard disk. I'm a little less interested in network statistics at the moment. Thanks in advance for any suggestions. Joel ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|