Firewall Wizards mailing list archives
Re: Ruleset Auditing and Validation
From: Tony Howlett <thowlett () netsecuritysvcs com>
Date: Sat, 23 Feb 2002 14:35:27 -0600
The Center for Internet Security (www.cisecurity.org) just released a router auditing tool (RAT). It's pretty neat and very useful for automating checking router configs (only Cisco right now) to make sure they meet a minimum requirement. What does this have to do with firewalls? Well, it's open source and written in Perl, so if you have some programming staff, it wouldn't be that hard to modify the script to look at your firewall config files and spit out a report. I've looked at the code and it seems the file fetching and reading and reporting aspects would be quite reusable. This would also make a great project for someone looking to gain some prestige in the community. I'm thinking of doing it myself for some of the firewalls I work with (SonicWall and NetScreen mostly) when I get some free time.
Good luck!

At 10:32 AM 2/22/2002 -0500, you wrote:

Having now a firewall infrastructure that has grown beyond the ability of a dozen or more engineers to keep up with on a daily basis, we are faced with the task of auditing and validating our 80+ policy sets for security, accuracy, relevancy and perhaps most of all efficacy with respect to hidden bleed through of services, protocols and ports.

Recent discussions regarding "how to go about it" have centered on the problem of any one engineer's viewing of a particular rule or set of rules and interpreting correctly if the ruleset being inspected is valid for the stated purpose (as defined by the ruleset itself or in the comments attached).

We are looking for a systematic approach and I am curious to find out how others either a) may have addressed an enterprise wide ruleset (firewall policy) review or b) discovered any FAQ and/or other documentation available that addresses this problem.

Jay Sitkin, Unisys Architecture & Technology Access Engineering Sr. Network Engineer Blue Bell, PA 19424 (215) 986-5564

"The bicycle is a curious vehicle. Its passenger is its engine." -John Howard

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards