Re: [fw-wiz] Firewall policy generator, capture based - Any idea?
- From: "Dale W. Carder" <dwcarder@xxxxxxxx>
- Date: Wed, 30 Jan 2008 15:30:23 -0600
Hi Ruggero,
On Jan 29, 2008, at 8:09 AM, Ruggero D wrote:
> I want to capture my Data Center traffic, with a NAM or Sniffer.
> Taken the capture I would like to have a tool that can interpret
> the traffic flows and automatically generate firewall rules to
> allow those flows.
You can get probably 90% of the way there by using
Netflow. If your routers support netflow, you can
get it from them, or you can use a PC to create
netflow records for you while sniffing the wire.
There are many toolsets available to analyze netflow
records which you could use to advise your ruleset
creation.
You will obviously still miss a lot of details as
others have pointed out.
The idea of putting your firewall in now and logging
everything as Paul suggests is good too, as long as
your firewall can actually log enough.
Dale
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
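The flow-record approach suggested in the message above, as an added example that is not part of the original post: it folds both directions of each conversation into one client-to-server entry and emits candidate allow rules, setting ambiguous flows aside for manual review. The CSV layout, the 32768 ephemeral-port threshold and the generic rule wording are assumptions, not the output or syntax of any particular NetFlow tool or firewall.

```python
import csv, io, ipaddress
from collections import defaultdict

# Constructed sample records: src, dst, proto, sport, dport, packets
SAMPLE_FLOWS = """\
10.1.1.10,10.2.0.5,tcp,51512,443,120
10.2.0.5,10.1.1.10,tcp,443,51512,110
10.1.1.11,10.2.0.5,tcp,40022,443,80
10.1.1.10,10.2.0.9,udp,53311,53,2
10.2.0.9,10.1.1.10,udp,53,53311,2
10.1.1.12,10.2.0.7,tcp,49999,50000,1
"""

EPHEMERAL_START = 32768  # assumption: ports at or above this are client-side

def service_side(src, dst, sport, dport):
    """Guess which end is the server; return (client, server, port) or None."""
    s_eph, d_eph = sport >= EPHEMERAL_START, dport >= EPHEMERAL_START
    if s_eph and not d_eph:
        return src, dst, dport
    if d_eph and not s_eph:
        return dst, src, sport   # reply direction of the same conversation
    return None                  # both or neither port looks ephemeral

def candidate_rules(flow_text, min_packets=2):
    """Return (rules, review): proposed allow rules and flows needing a human."""
    clients = defaultdict(set)   # (server, proto, port) -> client addresses
    review = []
    for row in csv.reader(io.StringIO(flow_text)):
        if not row:
            continue
        src, dst, proto, sport, dport, pkts = row
        sport, dport = int(sport), int(dport)
        guess = service_side(src, dst, sport, dport)
        if guess is None or int(pkts) < min_packets:
            review.append((src, dst, proto, sport, dport))
            continue
        client, server, port = guess
        clients[(server, proto, port)].add(client)
    rules = []
    for (server, proto, port), addrs in sorted(clients.items()):
        nets = [ipaddress.ip_network(a) for a in addrs]
        # collapse_addresses merges only exactly-covered blocks, so a rule
        # never admits a source address that was not seen in the capture.
        for net in ipaddress.collapse_addresses(nets):
            rules.append(f"allow {proto} from {net} to {server} port {port}")
    return rules, review
```

The review list is where the details a flow summary cannot resolve end up, such as services on high ports or single-packet probes.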