?
Solved

Need to be able to see who logged in, when and what changes they made on Cisco Routers, Switches and FWs (ASA).

Posted on 2014-10-27
6
Medium Priority
?
197 Views
Last Modified: 2014-10-27
Need to be able to see who logged in, when and what changes they made on Cisco Routers and Switches. I need to keep this information for a long period of time. Is there a way of doing this?

Thank you,
0
Comment
Question by:dsterling
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 17

Expert Comment

by:pjam
ID: 40406793
Cisco Network Assistant is a free app that contains a Security Wizard:
Have you installed that?  Take a look at that to see if it does what you want.
Cisco Network Assistant
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40406841
Sounds like what you're looking for is AAA (Authorization, Authentication & Accounting).

http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfaaa.html
0
 

Author Comment

by:dsterling
ID: 40406991
This doesn't let me see what changes they may of made for example: A Network Admin logs into a Cisco router and changes an ACL incorrectly, the Network admin goes on vacation or leaves the company. I need to see who made the change and what is was so it can be quickly fixed. Also we have to keep close track of authorized and unauthorized changes to the network.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 50

Accepted Solution

by:
Don Johnston earned 2000 total points
ID: 40407129
This doesn't let me see what changes they may of made
I don't know who this was directed at...

But with AAA and regular configuration backups, it's pretty easy to see who changed the config and what was changed.  You can also use Configuration Change Notification and Logging.
0
 

Author Comment

by:dsterling
ID: 40407190
Couldn't this be viewed in the Cisco ACS server device also?
0
 

Author Closing Comment

by:dsterling
ID: 40407237
What I was looking for, great answer.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question