Firewall Wizards mailing list archives
Re: Firewall review tool for Junipers
From: Victor Williams <vbwilliams () gmail com>
Date: Thu, 22 Apr 2010 19:09:52 -0500
Having gone through this already, there is no silver bullet for ruleset auditing...it takes human eyes and an explanation on why rulesets are the way they are.
For automated configuration collection and archive, as well as comparison, Kiwi Cattools will handle configurations with select Juniper devices.
The only way you're going to be able to audit configurations that a QSA would be fine with is to manually audit them and comment the rulesets--explain why they're needed. Cisco, Secure Computing Sidewinder (now owned by McAfee and going by a different name), etc. all allow commenting of access lists. The last gap analysis we had with a QSA who audited our rulesets indicated that our rulesets and justifications would pass an audit because of the completeness of the comments.
Hope this helps.

On 4/22/2010 10:00 AM, Wilson wrote:
> Hi there,
>
> Just wanted to get some advice from the forum. What tools do you use to perform firewall policy reviews on Juniper firewalls? One of the drivers is to comply with PCIDSS. Due to the number of firewalls I hope there are some proven tools out there that can help with things like gathering configs, identifying diffs in rulesets etc. I am prepared for manual analysis but want to automate as much as possible, especially as this will be a recurring task.
>
> Anyway, I welcome any open source or commercial suggestions. Thanks heaps for your help.
>
> Cheers,
> Wil
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () listserv icsalabs com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards