Firewall Wizards mailing list archives
Pix rulebase/policy analysis
From: jacob c <jctx09 () yahoo com>
Date: Wed, 19 Sep 2007 07:11:39 -0700 (PDT)
I'm a newbie to the PIX line but these questions would apply to other firewalls as well. I have some questions that I
hope you guys can assist me with.
Two Questions:
1) What is the best/easiest way to document a current policy? Spreadsheet?? I
would like to know what ports (services) are open and to where? Also duplicates,
etc.? Would it be best just to put it in a spreadsheet? Is there a tool for
this?
2) Once an audit/analysis has been made, what is a good way to make the new
changes, if there are many? Would it best just to download the config and modify
it offline?
3) What is the method to see what rules are being hit the most so I can
rearrange the rules in the most logical, efficient order?
4) Is there standard Analysis checklist to go by when reviewing a PIX firewall
policy?
Any help is highly appreciated.
Thank you,
---------------------------------
Check out the hottest 2008 models today at Yahoo! Autos._______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Pix rulebase/policy analysis jacob c (Sep 20)
- Re: Pix rulebase/policy analysis Brian Loe (Sep 21)
- Re: Pix rulebase/policy analysis Michael Cox (Sep 21)
- Re: Pix rulebase/policy analysis Richard Golodner (Sep 21)
- Re: Pix rulebase/policy analysis James (Sep 22)
- Re: Pix rulebase/policy analysis Richard Golodner (Sep 23)
- Re: Pix rulebase/policy analysis James (Sep 25)
- Re: Pix rulebase/policy analysis James (Sep 22)