Re: [fw-wiz] Pix rulebase/policy analysis
if you are willing to use a commercial solution, check out www.algosec.com.
it does everything you asked about, and then some: risk assessment with
builtin knowledgebase, what is open, rule usage statistics & reordering,
change tracking, SOX compliance - all in a convenient web-based report.
it's WAY better than a spreadsheet ...
Disclaimer: I've been working on firewall analysis for many years,
both in academia and industry, and
I'm affiliated with AlgoSec, so I'm biased.
On 9/19/07, jacob c <firstname.lastname@example.org> wrote:
> I'm a newbie to the PIX line but these questions would apply to other
> firewalls as well. I have some questions that I hope you guys can assist me
> Two Questions:
> 1) What is the best/easiest way to document a current policy? Spreadsheet??
> would like to know what ports (services) are open and to where? Also
> etc.? Would it be best just to put it in a spreadsheet? Is there a tool for
> 2) Once an audit/analysis has been made, what is a good way to make the new
> changes, if there are many? Would it best just to download the config and
> it offline?
> 3) What is the method to see what rules are being hit the most so I can
> rearrange the rules in the most logical, efficient order?
> 4) Is there standard Analysis checklist to go by when reviewing a PIX
> Any help is highly appreciated.
> Thank you,
> firewall-wizards mailing list
Avishai Wool, Ph.D., Co-founder and Chief Technical Officer
******* Firewall Management Made Smarter ******