Re: [fw-wiz] Pix rulebase/policy analysis



Hi,

if you are willing to use a commercial solution, check out www.algosec.com.
it does everything you asked about, and then some: risk assessment with
builtin knowledgebase, what is open, rule usage statistics & reordering,
change tracking, SOX compliance - all in a convenient web-based report.

it's WAY better than a spreadsheet ...

Disclaimer: I've been working on firewall analysis for many years,
both in academia and industry, and
I'm affiliated with AlgoSec, so I'm biased.

HTH,
Avishai

On 9/19/07, jacob c <jctx09@xxxxxxxxx> wrote:
I'm a newbie to the PIX line but these questions would apply to other
firewalls as well. I have some questions that I hope you guys can assist me
with.

Two Questions:
1) What is the best/easiest way to document a current policy? Spreadsheet??
I
would like to know what ports (services) are open and to where? Also
duplicates,
etc.? Would it be best just to put it in a spreadsheet? Is there a tool for
this?
2) Once an audit/analysis has been made, what is a good way to make the new
changes, if there are many? Would it best just to download the config and
modify
it offline?
3) What is the method to see what rules are being hit the most so I can
rearrange the rules in the most logical, efficient order?
4) Is there standard Analysis checklist to go by when reviewing a PIX
firewall
policy?
Any help is highly appreciated.
Thank you,

________________________________
Check out the hottest 2008 models today at Yahoo! Autos.


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards




--
Avishai Wool, Ph.D., Co-founder and Chief Technical Officer
http://www.algosec.com
******* Firewall Management Made Smarter ******
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards