03-28-2018 02:31 PM - edited 02-21-2020 10:52 AM
We are a industrial plant. We have some IT infrastructure in a server room etc. We have Cisco router, switch and firewall; Windows Active Directory; VMware; Storage network etc.Now and then, IT consultants come to do some jobs. Sometime, they just mess up our configuration and is not responsible.
Do we can install some software to do user authentication and activity tracking? So that:
1, For user management, especially authentication.
2, tracking/logging their activity in Cisco network devices, VMware, Windows servers
Thanks
03-28-2018 06:00 PM
Hi
To audit what commands or change configuration have been done by users you can use tacacs and/or radius for devices not supporting tacacs.
On VMware you can authenticate users using this method and track the audit log on esxi.
In terms of products, you can deploy Cisco ise that do both or go with open source softwares like freeradius or freetacacs.
The advantage with tacacs is that you can give authorizations on per command basis.
04-05-2018 06:47 AM
Thanks. Wish a better solution that we can have all logging in one software.
04-05-2018 09:07 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide