CCSAT provides an automated configuration security audit tool for Cisco routers and switches.
CCSAT (Cisco Configuration Security Auditing Tool) is a tool for automated auditing of configuration security for large numbers of Cisco routers and switches.
The tool is based upon industry best practices, including Cisco, NSA, and SANS security guides and recommendations.
It is flexible and can report details down to individual device interfaces, lines, ACLs, and ASs, etc.
This tool has been tested and used successfully on FreeBSD, Solaris 8, and Linux, and should work on all major UNIX platforms (POSIX.2).
1) To start, have this script (ccsat) in your working directory /root/Desktop;
2) Within that directory, create subdirectories /root/Desktop/config and /root/Desktop/report;
3) Put config files in /root/Desktop/config and ensure same file extension (default .txt);
4) If none, then add file extension (commands provided here);
5) Run './ccsat 12.3' (assuming 12.3 is the latest IOS);
6) The main report will be /root/Desktop/report/audit-results.