Re: [fw-wiz] Cisco PIX 515 Firewall

From: Paul Robertson (proberts_at_patriot.net)
Date: 02/26/04

    To: M.C.M.Merks@delagelanden.com
    Date: Thu, 26 Feb 2004 07:51:20 -0500 (EST)
    
    

    On Thu, 26 Feb 2004 M.C.M.Merks@delagelanden.com wrote:

    > Hi all,
    >
    > I'm looking for an audit program on a Cisco PIX 515 Firewall. Can anyone help
    > me with this?

    Firewalls should be audited against a security policy, that's not a
    programmatically solvable problem (unless you have one heck of a detailed
    security policy already in a program-friendly format, with systems
    databased...) as it requires interpretation of the policy.

    If the security policy doesn't clearly delineate what's allowed to
    traverse the firewall, then you're looking at the wrong part of the
    problem. If you do, you can feed the policy through a simulator and
    compare it to the current policy, but that's probably going to take as
    much time as going through the rules individually.

    In the past, I've found it more helpful to have a platform expert manually
    audit firewall rulebases against a security policy, as they can not only
    check for security, but they generally can check for efficiency and will
    know the common platform issues.

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson "My statements in this message are personal opinions
    proberts@patriot.net which may have no basis whatsoever in fact."
    probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
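
The case the reply allows for, a policy already held in a program-friendly format, can be sketched as follows. This is an added example, not part of the original message: the policy tuple format, the ACL name `outside_in` and the documentation-range addresses are constructed, and the parser handles only a narrow subset of PIX `access-list` syntax (`any`, `host A`, `A MASK`, numeric `eq` ports). It ignores rule ordering, so a permit shadowed by an earlier deny is still reported.

```python
import ipaddress

# Constructed sample policy: flows the written policy allows (proto, src, dst, port).
POLICY = [
    ("tcp", "0.0.0.0/0", "192.0.2.10/32", 80),
    ("tcp", "0.0.0.0/0", "192.0.2.25/32", 25),
    ("tcp", "198.51.100.0/24", "192.0.2.30/32", 22),
]

# Constructed sample rulebase in PIX access-list style.
CONFIG = """\
access-list outside_in permit tcp any host 192.0.2.10 eq 80
access-list outside_in permit tcp any host 192.0.2.25 eq 25
access-list outside_in permit tcp any 192.0.2.0 255.255.255.0 eq 22
access-list outside_in deny ip any any
"""

def _addr(tokens):
    """Consume one address spec ('any', 'host A' or 'A MASK'); return (network, rest)."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]

def parse_permits(config):
    """Return (proto, src, dst, port, line) for every permit line; port None = all ports."""
    rules = []
    for line in config.splitlines():
        t = line.split()
        if len(t) < 5 or t[0] != "access-list" or t[2] != "permit":
            continue
        src, rest = _addr(t[4:])
        dst, rest = _addr(rest)
        port = int(rest[1]) if rest[:1] == ["eq"] else None
        rules.append((t[3], src, dst, port, line))
    return rules

def within(a, b):
    """True if flow a lies entirely inside flow b ('ip' and port None act as wildcards)."""
    return (b[0] in (a[0], "ip") and b[3] in (a[3], None)
            and a[1].subnet_of(b[1]) and a[2].subnet_of(b[2]))

def audit(policy, config):
    """Return (permit lines wider than any policy entry, policy entries no rule covers)."""
    pol = [(p, ipaddress.ip_network(s), ipaddress.ip_network(d), n) for p, s, d, n in policy]
    rules = parse_permits(config)
    excess = [r[4] for r in rules if not any(within(r, p) for p in pol)]
    unmet = [policy[i] for i, p in enumerate(pol) if not any(within(p, r) for r in rules)]
    return excess, unmet
```

On the constructed input, the third permit is reported because it opens port 22 from any source to the whole /24, where the policy allows it only from 198.51.100.0/24 to one host. Deciding whether that rule or the policy is wrong is still the interpretation step the reply says needs a person.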

