Firewall rulebase audit



I have a pair of PIX firewalls that I need to audit. I was hoping to get some guidelines for doing this. Antyhing specific to PIX would be even better.

1) What is the best/easiest way to document a current policy? Spreadsheet?? I would like to know what ports (services) are open and to where? Also duplicates, etc.? Would it be best just to put it in a spreadsheet? Is there a tool for this?

2)Is there standard Analysis checklist to go by when reviewing a (PIX) firewall policy?

Any help is highly appreciated.

Thank you,



Relevant Pages