03-28-2018 02:31 PM - edited 02-21-2020 10:52 AM
We are a industrial plant. We have some IT infrastructure in a server room etc. We have Cisco router, switch and firewall; Windows Active Directory; VMware; Storage network etc.Now and then, IT consultants come to do some jobs. Sometime, they just mess up our configuration and is not responsible.
Do we can install some software to do user authentication and activity tracking? So that:
1, For user management, especially authentication.
2, tracking/logging their activity in Cisco network devices, VMware, Windows servers
Thanks
03-28-2018 06:00 PM
Hi
To audit what commands or change configuration have been done by users you can use tacacs and/or radius for devices not supporting tacacs.
On VMware you can authenticate users using this method and track the audit log on esxi.
In terms of products, you can deploy Cisco ise that do both or go with open source softwares like freeradius or freetacacs.
The advantage with tacacs is that you can give authorizations on per command basis.
04-05-2018 06:47 AM
Thanks. Wish a better solution that we can have all logging in one software.
04-05-2018 09:07 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: