Firewall Wizards mailing list archives
Ruleset Auditing and Validation
From: "Sitkin, Jacob B." <Jacob.Sitkin () unisys com>
Date: Fri, 22 Feb 2002 10:32:09 -0500
Having now a firewall infrastructure that has grown beyond the ability of a dozen or more engineers to keep up with on a daily basis, we are faced with the task of auditing and validating our 80+ policy sets for security, accuracy, relevancy and perhaps most of all efficacy with respect to hidden bleed through of services, protocols and ports.

Recent discussions regarding "how to go about it" have centered on the problem of any one engineer's viewing of a particular rule or set of rules and interpreting correctly if the ruleset being inspected is valid for the stated purpose (as defined by the ruleset itself or in the comments attached).

We are looking for a systematic approach and I am curious to find out how others either a) may have addressed an enterprise wide ruleset (firewall policy) review or b) discovered any FAQ and/or other documentation available that addresses this problem.

Jay Sitkin, Unisys
Architecture & Technology
Access Engineering
Sr. Network Engineer
Blue Bell, PA 19424
(215) 986-5564

"The bicycle is a curious vehicle. Its passenger is its engine." -John Howard

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Ruleset Auditing and Validation Sitkin, Jacob B. (Feb 23)
- <Possible follow-ups>
- Re: Ruleset Auditing and Validation Tony Howlett (Feb 24)