Re: Firewall rulebase audit



Try FIREGEN

http://www.eventid.net/firegen/firegenpix2.asp

might get you started on the right track...

Thanks..
Garry..
--- jctx09@xxxxxxxxx wrote:

I have a pair of PIX firewalls that I need to audit.
I was hoping to get some guidelines for doing this.
Antyhing specific to PIX would be even better.

1) What is the best/easiest way to document a
current policy? Spreadsheet?? I would like to know
what ports (services) are open and to where? Also
duplicates, etc.? Would it be best just to put it in
a spreadsheet? Is there a tool for this?

2)Is there standard Analysis checklist to go by when
reviewing a (PIX) firewall policy?

Any help is highly appreciated.

Thank you,




Relevant Pages

  • Firewall rulebase audit
    ... I have a pair of PIX firewalls that I need to audit. ... Would it be best just to put it in a spreadsheet? ... 2)Is there standard Analysis checklist to go by when reviewing a firewall policy? ...
    (Security-Basics)
  • Re: Firewall rulebase audit
    ... There is an article to go along with it, and several other PIX related checklists etc. on the site. ... Subject: Firewall rulebase audit ... Would it be best just to put it in a spreadsheet? ...
    (Security-Basics)
  • RE: Firewall rulebase audit
    ... Subject: Firewall rulebase audit ... There is an article to go along with it, and several other PIX related ... Would it be best just to put it in a spreadsheet? ...
    (Security-Basics)
  • Re: [fw-wiz] Pix rulebase/policy analysis
    ... 1- A spreadsheet is a good way to keep track of the current rule set ... configuration by making changes in real time. ... then apply it to your Pix. ... Also look at your ACL's hit counts. ...
    (Firewall-Wizards)