Hello All, There are many wonderful Service Provider infrastructure hardening documents available from Cisco CCO and CiscoPress. I have seen many over my life. Sample documents are: Mannaging ACLs (7600, CRS IOS-XR, GSR) - automation tools, Document ID: 13608 Network Core Infrastructure Best Practices, Yusuf Bhaiji Cisco Guide to Harden Cisco IOS XR Devices Each service provider is recommended to enable and configure rACLs, CoPP, block unnecessary control protocols over the edge, Protect BGP peering with interface ACLs and many many more. Unfortunately there is no tool available from Cisco to configure and maintain all those features. I would like to ask question to NetPro community. Have you seen any working products from Cisco or Cisco partners for ACL management. Lets keep Cisco Security Manager (CSM) aside. CSM is enterprise oriented tool and supporting routers up to 6500/7600. I’m looking for this tool for few years already. Looks like other Service Providers are using home made developments. Google recently partially published own tool capirca to a public domain (do search on “ACL Management @ Google” or capirca ). This is good start but I is missing ACL deployment module (it is not released by google). Please share you experience! Cheers!
... View more
Hi, I'm trying to provide suggestions regarding Cisco IPS Active Update Bulletin contents. According to a banner I can send my suggestions to "As always, please feel free to e-mail us if you have any comments or questions (firstname.lastname@example.org)" I tried once one moth ago and got an error. I tried once again and got same error once again. Any advises? (hope Cisco insiders reading this conference as well). Escalation trough AM/SE did not help either. Here is the error message email@example.com SMTP error from remote mailer after RCPT TO:<firstname.lastname@example.org>: host sj-inbound-e.cisco.com [188.8.131.52]: 550 #5.1.0 Address rejected.
... View more