Re: [fw-wiz] Pix rulebase/policy analysis



Hi,

If you are willing to use a commercial solution, check out www.algosec.com.
It does everything you asked about, and then some: risk assessment with
built-in knowledgebase, what is open, rule usage statistics & reordering,
change tracking, SOX compliance - all in a convenient web-based report.

It's WAY better than a spreadsheet ...

Disclaimer: I've been working on firewall analysis for many years,
both in academia and industry, and
I'm affiliated with AlgoSec, so I'm biased.

HTH,
Avishai

On 9/19/07, jacob c <jctx09@xxxxxxxxx> wrote:
I'm a newbie to the PIX line but these questions would apply to other
firewalls as well. I have some questions that I hope you guys can assist me
with.

Two Questions:
1) What is the best/easiest way to document a current policy? Spreadsheet?? I
would like to know what ports (services) are open and to where? Also duplicates,
etc.? Would it be best just to put it in a spreadsheet? Is there a tool for this?
2) Once an audit/analysis has been made, what is a good way to make the new
changes, if there are many? Would it be best just to download the config and
modify it offline?
3) What is the method to see what rules are being hit the most so I can
rearrange the rules in the most logical, efficient order?
4) Is there a standard analysis checklist to go by when reviewing a PIX firewall
policy?
Any help is highly appreciated.
Thank you,



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards




--
Avishai Wool, Ph.D., Co-founder and Chief Technical Officer
http://www.algosec.com
******* Firewall Management Made Smarter ******