Solved

Need to be able to see who logged in, when and what changes they made on Cisco Routers, Switches and FWs (ASA).

Posted on 2014-10-27
6
195 Views
Last Modified: 2014-10-27
Need to be able to see who logged in, when and what changes they made on Cisco Routers and Switches. I need to keep this information for a long period of time. Is there a way of doing this?

Thank you,
0
Comment
Question by:dsterling
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 17

Expert Comment

by:pjam
ID: 40406793
Cisco Network Assistant is a free app that contains a Security Wizard:
Have you installed that?  Take a look at that to see if it does what you want.
Cisco Network Assistant
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40406841
Sounds like what you're looking for is AAA (Authorization, Authentication & Accounting).

http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfaaa.html
0
 

Author Comment

by:dsterling
ID: 40406991
This doesn't let me see what changes they may of made for example: A Network Admin logs into a Cisco router and changes an ACL incorrectly, the Network admin goes on vacation or leaves the company. I need to see who made the change and what is was so it can be quickly fixed. Also we have to keep close track of authorized and unauthorized changes to the network.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 40407129
This doesn't let me see what changes they may of made
I don't know who this was directed at...

But with AAA and regular configuration backups, it's pretty easy to see who changed the config and what was changed.  You can also use Configuration Change Notification and Logging.
0
 

Author Comment

by:dsterling
ID: 40407190
Couldn't this be viewed in the Cisco ACS server device also?
0
 

Author Closing Comment

by:dsterling
ID: 40407237
What I was looking for, great answer.
0

Featured Post

Turn Insights Into Action

You’ve already invested in ITSM tools, chat applications, automation utilities, and more. Fortify these solutions with intelligent communications so you can drive business processes forward.

With xMatters, you'll never miss a beat.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Here's a look at newsworthy articles and community happenings during the last month.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question