cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

944
Views
0
Helpful
0
Replies
Highlighted
Beginner

Managing ACLs (7600, CRS IOS-XR, GSR) – advise on automation tools for SP

Hello All,

There are many wonderful Service Provider infrastructure hardening documents available from Cisco CCO and CiscoPress.

I have seen many over my life. Sample documents are:

Mannaging ACLs (7600, CRS IOS-XR, GSR) - automation tools, Document ID: 13608

Network Core Infrastructure Best Practices, Yusuf Bhaiji

Cisco Guide to Harden Cisco IOS XR Devices

Each service provider is recommended to enable and configure rACLs, CoPP, block unnecessary control protocols over the edge, Protect BGP peering with interface ACLs and many many more. Unfortunately there is no tool available from Cisco to configure and maintain all those features.

I would like to ask question to NetPro community. Have you seen any working products from Cisco or Cisco partners for ACL management. Lets keep Cisco Security Manager (CSM) aside. CSM is enterprise oriented tool and supporting routers up to 6500/7600.

I’m looking for this tool for few years already. Looks like other Service Providers are using home made developments. Google recently partially published own tool capirca to a public domain (do search on “ACL Management @ Google” or capirca). This is good start but I is missing ACL deployment module (it is not released by google).

Please share you experience!

Cheers!