Firewall Wizards mailing list archives

Re: Ruleset Auditing and Validation


From: Tony Howlett <thowlett () netsecuritysvcs com>
Date: Sat, 23 Feb 2002 14:35:27 -0600

The Center for Internet Security (www.cisecurity.org) just released a router auditing tool (RAT). It's pretty neat and very useful for automating checking router configs (only Cisco right now) to make sure they meet a minimum requirement. What does this have to do with firewalls? Well, it's open source and written in Perl, so if you have some programming staff, it wouldn't be that hard to modify the script to look at your firewall config files and spit out a report. I've looked at the code and it seems the file fetching and reading and reporting aspects would be quite reusable. This would also make a great project for someone looking to gain some prestige in the community. I'm thinking of doing it myself for some of the firewalls I work with (SonicWall and NetScreen mostly) when I get some free time.

Good luck!

At 10:32 AM 2/22/2002 -0500, you wrote:
Having now a firewall infrastructure that has grown beyond the ability of a
dozen or more engineers to keep up with on a daily basis, we are faced with
the task of auditing and validating our 80+ policy sets for security,
accuracy, relevancy and perhaps most of all efficacy with respect to hidden
bleed through of services, protocols and ports.

Recent discussions regarding "how to go about it" have centered on the
problem of any one engineer's viewing of a particular rule or set of rules
and interpreting correctly if the ruleset being inspected is valid for the
stated purpose (as defined by the ruleset itself or in the comments
attached).

We are looking for a systematic approach and I am curious to find out how
others either a) may have addressed an enterprise-wide ruleset (firewall
policy) review or b) discovered any FAQ and/or other documentation available
that addresses this problem.

Jay Sitkin, Unisys
Architecture & Technology
Access Engineering
Sr. Network Engineer
Blue Bell, PA 19424
(215) 986-5564

"The bicycle is a curious vehicle. Its passenger is its engine." -John
Howard

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
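
An added example, not part of either message and not code from RAT: a small automated ruleset audit of the kind discussed in this thread, flagging over-broad permits and rules that an earlier rule makes unreachable. The policy syntax, the sample rules and first-match evaluation order are assumptions made for illustration; a real SonicWall or NetScreen export would need its own parser.

```python
import ipaddress
from collections import namedtuple

# Constructed sample policy in a made-up syntax (not a vendor format):
# <action> <proto> <source> <destination> <port>   # comment stating intent
SAMPLE_POLICY = """\
permit tcp 10.1.0.0/16 192.0.2.10/32 443    # intranet to web portal
permit tcp any 192.0.2.0/24 any             # temporary vendor access
deny   tcp 10.1.5.0/24 192.0.2.10/32 443    # block lab from portal
permit udp 10.1.0.0/16 192.0.2.53/32 53     # DNS
permit tcp 10.2.0.0/16 192.0.2.25/32 25     # mail relay
"""

# port is "any" or a single port number (ranges are out of scope here)
Rule = namedtuple("Rule", "line action proto src dst port")

def _net(token):
    return ipaddress.ip_network("0.0.0.0/0" if token == "any" else token)

def parse_policy(text):
    rules = []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop the intent comment
        if len(fields) == 5:
            action, proto, src, dst, port = fields
            rules.append(Rule(n, action, proto, _net(src), _net(dst), port))
    return rules

def covers(a, b):
    """True if every packet matched by rule b is also matched by rule a."""
    return (a.proto == b.proto and b.src.subnet_of(a.src)
            and b.dst.subnet_of(a.dst) and a.port in ("any", b.port))

def audit(rules):
    """Assumes first-match semantics: the earliest matching rule wins."""
    findings = []
    for i, r in enumerate(rules):
        if r.action == "permit" and (r.src.prefixlen == 0 or r.port == "any"):
            findings.append((r.line, "BROAD", "permit with 'any' source or port"))
        for earlier in rules[:i]:
            if covers(earlier, r):
                # Same action: dead weight. Different action: stated intent never applies.
                kind = "REDUNDANT" if earlier.action == r.action else "SHADOWED"
                findings.append((r.line, kind, f"never reached: rule {earlier.line} matches first"))
                break
    return findings

if __name__ == "__main__":
    for line, kind, msg in audit(parse_policy(SAMPLE_POLICY)):
        print(f"rule {line}: {kind}: {msg}")
```

The SHADOWED finding is the case the original question worries about: the comment on the rule states one intent, while an earlier, broader rule decides the traffic.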

