Complying to SANS Firewall Security Policy Guidelines

SANS Firewall Security Policy guidelines helps organizations to manage and configure their perimeter devices which enables them to ensure network security. Firewall Analyzer, helps you to meet the SANS Security Policy requirements at an ease with its out-of-the-box reports. Following are the audit checklist of SANS and the details on how Firewall Analyzer helps to meet them

SANS Audit Checklist Requirements fulfilled by Firewall Analyzer

Rules Description How Firewall Analyzer meets requirement
4 Ensure that logging is enabled and that the logs are   reviewed to identify any potential patterns that could indicate an attack Firewall Analyzer automatically collects and analyzes all your firewall logs to provide out-of-the-box reports and alerts that helps you to identify potential patterns of security attacks
9.1 Avoid using localhost addresses in security policies Firewall Analyzer provides you detailed report on all 'Allowed Rules with Local IP Addresses' that facilitates the decision on which localhost addresses should be used/avoided in security policies
9.2 Avoid using invalid addresses in security policies Exhaustive reports on rules that allow traffic to LAN & DMZs via WAN Interface provides information such as the Policy name, rule name, Source, Destination, Service type, Source/Destination Interface and more, which helps you to identify & avoid using invalid addresses in security policies
9.3 Block the Incoming Traffic to broadcast address Firewall Analyzer provides you information on configured rules which allow untrust traffic to broadcast address. This enables you to review the rules and block the incoming traffic from untrust zone to broadcast address
11 Block Insecure protocols,services and ports. Firewall Analyzer provides you report which gives you detailed information on all the configured rules that allow insecure protocols, services and ports in your network. This report provides better insight of your network and helps you to block the insecure services or protocols
12 Avoid insecure Remote Access Firewall Analyzer's 'HTTP Access Details', 'Telnet Access details', 'SSH Access Details', 'User Access Details' reports provides detailed information on inbound/outbound traffic which helps you to block the Remote Access with the insecure services
15 Block UnWanted ICMP Traffic Firewall Analyzer provides you detailed report on rules that allow ICMP traffic from Untrust Zone. The solution also provides you the rules report that provide information on Blocked ICMP traffic to Untrust Zone. These two reports help the users to identify the unwanted ICMP traffic and block it
16 IP Readdressing/IP Masquerading Firewall Analyzer's detailed rules report on 'All direct connections from untrust sources' helps to review and configure your rules in such a way that it blocks direct connections from untrust zone
19 Allow Traffic that is necessary for business requirements Firewall Analyzer helps you to analyze the traffic connections from untrust source with its out-of-the-box reports. This helps you in identifying and allowing the traffic that are necessary for business requirements
24 Continued availability of Firewalls

 

Firewall Analyzer provides you an option to backup all firewall data by Active StandBy and supports continued availability of firewalls

 

Refer Firewall compliance management software page for more details about other firewall security standards compliance.

 

Featured links

Other features

Firewall Rule Management

Manage your firewall rules for optimum performance. Anomaly free, properly ordered rules make your firewall secured. Audit the firewall security and manage the rule/config changes to strengthen the security.  

Firewall Reports

Get a slew of security and traffic reports to asses the network security posture. Analyze the reports and take measures to prevent future security incidents. Monitor the Internet usage of enterprise users.

Firewall Log Management

Unlock the wealth of network security information hidden in the firewall logs. Analyze the logs to find the security threats faced by the network. Also, get the Internet traffic pattern for capacity planning. 

Real-time Bandwidth Monitoring

With live bandwidth monitoring, you can identify the abnormal sudden shhot up of bandwidth use. Take remedial measures to contain the sudden surge in bandwidth consumption.

Firewall Alerts

Take instant remedial actions, when you get notified in real-time for network security incidents. Check and restrict Internet usage if banwidth exceeds specified threshold.

Manage Firewall Service

MSSPs can host multiple tenants, with exclusive segmented and secured access to their respective data. Scalable to address their needs. Manages firewalls deployed around the globe.

 

A single platter for comprehensive Network Security Device Management