Educause Security Discussion mailing list archives

Re: Firewall Rule Audit Software/Service


From: Mandi Witkovsky <witkovsm () PFW EDU>
Date: Mon, 13 Aug 2018 15:57:14 +0000

Do you have a formal process that must be followed for an exception to be made?  Our problem is that several people 
have legitimate access to make updates - but getting everyone to follow the same process is a challenge.

Thanks,
mandi

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Simanovich, 
Roman
Sent: Monday, August 13, 2018 11:34 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Rule Audit Software/Service

An Excel spreadsheet works great for this; here are the columns I have in mine.

Sequence #
ID
From
To
Source
Destination
Service
Action
NAT/AV/WebFilter/AppControl/IPS/SSLInspection
Department
Description
Expiration



Thanks,
Roman

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Mandi Witkovsky
Sent: Monday, August 13, 2018 11:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Rule Audit Software/Service

I'd love to hear the answer to this one.  Even just learning how people tackle documenting and reviewing their rules 
would be beneficial.

Thanks,
mandi



From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Telfer, Will
Sent: Monday, August 13, 2018 11:11 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Firewall Rule Audit Software/Service

We are looking at updating our Firewall Rule Audit structure so that we check over all of our rules at least once a 
year to verify whether they still need to be in place. Since we have multiple groups & multiple firewalls, each with 
their own specific set of rules, the goal is to have some central structure where the audit can be recorded. Are any of 
you using a software or service that provides the ability for multiple users to log in & check off firewall rules? 
Please feel free to contact me off list if that is better for you.

Thank You,
Will Telfer, M.S.
Information Security Analyst
Information Technology Services
Twitter: @BearAware
Facebook: www.facebook.com/BearAware
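
An added example, not written by anyone in the thread: a Python check over a CSV export of a rule spreadsheet that uses the column names Roman lists, flagging rules that are expired, close to expiry, or missing a Department or Description. The sample rows, the two accepted date formats and the 30-day warning window are assumptions.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample export (not real rules); columns are a subset of the thread's list.
SAMPLE_CSV = """Sequence #,ID,From,To,Source,Destination,Service,Action,Department,Description,Expiration
1,101,inside,outside,10.0.5.0/24,any,HTTPS,accept,Library,Catalog vendor updates,2019-06-30
2,102,dmz,inside,192.0.2.10,10.0.9.20,TCP/1433,accept,,,2018-07-01
3,103,outside,dmz,any,192.0.2.25,SSH,accept,Research,Temporary vendor access,
4,104,inside,outside,10.0.7.0/24,any,DNS,accept,ITS,Resolver egress,08/01/2018
"""
DATE_FORMATS = ("%Y-%m-%d", "%m/%d/%Y")  # assumed date spellings in the sheet


def parse_expiration(text):  # date, None for a blank cell, ValueError if unreadable
    if not text.strip():
        return None
    for fmt in DATE_FORMATS:
        try:
            return datetime.strptime(text.strip(), fmt).date()
        except ValueError:
            continue
    raise ValueError(f"unrecognized date: {text!r}")


def audit_rules(csv_text, today, warn_days=30):
    """Return (rule ID, finding) pairs for rules that need a reviewer's attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        rule_id = row["ID"]
        for col in ("Department", "Description"):  # who owns the rule, and why
            if not (row.get(col) or "").strip():
                findings.append((rule_id, f"missing {col}"))
        try:
            exp = parse_expiration(row.get("Expiration") or "")
        except ValueError:
            findings.append((rule_id, "unparseable Expiration"))
            continue
        if exp is None:
            findings.append((rule_id, "no Expiration"))
        elif exp < today:
            findings.append((rule_id, "expired"))
        elif (exp - today).days <= warn_days:
            findings.append((rule_id, "expires soon"))
    return findings


if __name__ == "__main__":
    print(*audit_rules(SAMPLE_CSV, date(2018, 8, 13)), sep="\n")
```

Run against each firewall's export, the findings list gives every group the same short worklist for the review.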


