Re: [fw-wiz] Firewall review tool for Junipers

Having gone through this already, there is no silver bullet for ruleset auditing; it takes human eyes and an explanation of why rulesets are the way they are.

For automated configuration collection and archive, as well as comparison, Kiwi Cattools will handle configurations with select Juniper devices.

The only way you're going to be able to audit configurations that a QSA would be fine with is to manually audit them and comment the rulesets: explain why they're needed. Cisco, Secure Computing Sidewinder (now owned by McAfee and going by a different name), etc. all allow commenting of access lists. The last gap analysis we had with a QSA who audited our rulesets indicated that our rulesets and justifications would pass an audit because of the completeness of the comments.

Hope this helps.

On 4/22/2010 10:00 AM, Wilson wrote:
Hi there,

Just wanted to get some advice from the forum. What tools do you use
to perform firewall policy reviews on Juniper firewalls? One of the
drivers is to comply with PCI DSS. Due to the number of firewalls I hope
there are some proven tools out there that can help with things like
gathering configs, identifying diffs in rulesets, etc. I am prepared for
manual analysis but want to automate as much as possible, especially
as this will be a recurring task. Anyway, I welcome any open source or
commercial suggestions. Thanks heaps for your help.

Cheers,

Wil
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

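The two pieces the thread asks for that can be automated (diffing rulesets between snapshots and checking that every rule carries a justification comment) are shown below as an added example. This is not code from the thread, from Kiwi CatTools or from Juniper; it assumes the device exports set-style configuration lines of the form `set security policies from-zone A to-zone B policy NAME ...` with a `description` statement holding the justification, and the two snapshots embedded in it are constructed sample input, not real device output.

```python
"""Compare two firewall policy snapshots and flag rules lacking a justification.

Assumption: the config is exported as Junos-style 'set' lines and the
justification lives in each policy's 'description' statement. The snapshots
below are constructed sample input, not captured from any real device.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# set security policies from-zone <A> to-zone <B> policy <NAME> <rest-of-line>
POLICY_RE = re.compile(
    r"^set security policies from-zone (\S+) to-zone (\S+) policy (\S+)\s*(.*)$"
)

PolicyKey = Tuple[str, str]  # (zone pair, policy name)


@dataclass
class Policy:
    zone_pair: str
    name: str
    attributes: Set[str] = field(default_factory=set)  # match/then lines
    description: Optional[str] = None                   # justification comment


def parse_policies(config_text: str) -> Dict[PolicyKey, Policy]:
    """Collect one Policy per (zone pair, name) from set-style config lines."""
    policies: Dict[PolicyKey, Policy] = {}
    for raw in config_text.splitlines():
        m = POLICY_RE.match(raw.strip())
        if not m:
            continue  # interfaces, address books, etc. are out of scope here
        from_zone, to_zone, name, rest = m.groups()
        key = (f"{from_zone}->{to_zone}", name)
        pol = policies.setdefault(key, Policy(key[0], name))
        if rest.startswith("description "):
            pol.description = rest[len("description "):].strip().strip('"')
        elif rest:
            pol.attributes.add(rest)
    return policies


def review(old_text: str, new_text: str) -> Dict[str, List[PolicyKey]]:
    """Report added, removed and changed policies, plus undocumented ones in the
    new snapshot. A 'changed' policy has the same name but different match/then
    lines; a description edit alone is not counted as a ruleset change."""
    old, new = parse_policies(old_text), parse_policies(new_text)
    common = set(old) & set(new)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "changed": sorted(k for k in common if old[k].attributes != new[k].attributes),
        "undocumented": sorted(k for k, p in new.items() if not p.description),
    }


# Constructed snapshots: last week's archive versus today's export.
OLD_CONFIG = """
set security policies from-zone trust to-zone untrust policy allow-web match source-address any
set security policies from-zone trust to-zone untrust policy allow-web match destination-address any
set security policies from-zone trust to-zone untrust policy allow-web match application junos-http
set security policies from-zone trust to-zone untrust policy allow-web then permit
set security policies from-zone trust to-zone untrust policy allow-web description "Ticket FW-101: outbound web for staff"
set security policies from-zone untrust to-zone dmz policy mgmt-ssh match source-address any
set security policies from-zone untrust to-zone dmz policy mgmt-ssh match destination-address dmz-hosts
set security policies from-zone untrust to-zone dmz policy mgmt-ssh match application junos-ssh
set security policies from-zone untrust to-zone dmz policy mgmt-ssh then permit
"""

NEW_CONFIG = """
set security policies from-zone trust to-zone untrust policy allow-web match source-address any
set security policies from-zone trust to-zone untrust policy allow-web match destination-address any
set security policies from-zone trust to-zone untrust policy allow-web match application junos-http
set security policies from-zone trust to-zone untrust policy allow-web match application junos-https
set security policies from-zone trust to-zone untrust policy allow-web then permit
set security policies from-zone trust to-zone untrust policy allow-web description "Ticket FW-101: outbound web for staff"
set security policies from-zone untrust to-zone dmz policy temp-any match source-address any
set security policies from-zone untrust to-zone dmz policy temp-any match destination-address any
set security policies from-zone untrust to-zone dmz policy temp-any match application any
set security policies from-zone untrust to-zone dmz policy temp-any then permit
"""

if __name__ == "__main__":
    for category, keys in review(OLD_CONFIG, NEW_CONFIG).items():
        print(f"{category}:")
        for zone_pair, name in keys:
            print(f"  {zone_pair} {name}")
```

Run against two archived exports, the script lists what changed since the last review and which rules have no written justification; on the constructed input it reports `temp-any` as both newly added and undocumented, `mgmt-ssh` as removed, and `allow-web` as changed. The undocumented list is the one to hand back to the firewall owners before the QSA sees the ruleset, since the point made above is that the comments are what make the review pass.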