Athena FirePAC for firewall analysis

Transform your firewall from complex to simple with Athena FirePAC
Tighten policies and drive down firewall maintenance costs
Athena FirePAC provides a comprehensive analysis of your firewall configurations that includes extensive checks for security risks in the firewall policy, identifies problem rules in the configuration, determines overlapping and conflicting rules, and summarizes the services allowed by the policy. Using the configuration file for input, FirePAC generates reports based on packet filtering ACLs, NATs, and routing tables. It details the exact configuration rules that implement any specific policy so that zeroing in on the root cause of problems is clear and straightforward. You can also see the effects of rule changes on policy, compare an old policy with a new policy, or model how a proposed rule change will change the policy.
 
Security Policy Checks

Using the configuration file for input, FirePAC runs over 120 security policy checks to show how packet filtering ACLs, NATs, and routing tables interact to affect your firewall's behavior. The checks identify policies in your firewall configuration that allow risky services from one security zone to another through the firewall. The detailed findings from these checks identify the specific rules in the configuration that implement these policies.

These checks are derived from guidelines and recommendations from industry sources such as NSA, NIST, SANS Institute, Neohapsis, ISACA and ITIL. They serve as an audit checklist for identifying security exposures in the firewall and allow network engineers to make clear policy decisions with regard to the semantics, rather than just the syntax, of the firewall.
 
Culprit Rules

Culprit rules are rules in the configuration that cause the largest number of specific security policy checks to fail. This makes it simple to harden the firewall against security exposures by pinpointing the most egregious rules in the rulebase. Problematic rules are clearly identified and can be fixed without creating new, unintended exposures.
 
Rule Conflicts

Our rule conflicts analysis looks at the order dependencies and inter-relationships between rules and flags anomalies that include duplicate rules and rules that may indicate errors in policy. For example, some rules are redundant because of other rules, some rules may never get triggered, and some rules providing exceptions are not in the proper place in the ruleset. FirePAC makes it easy to identify and review these inconsistencies so that they can be cleaned from the configuration.
 
PCI DSS 1.2 Compliance Assessment

FirePAC can assess your firewall configuration for compliance with the Payment Card Industry Data Security Standard (PCI DSS). This assessment contains a list of control items as well as customized policy calculations to verify that the firewall is configured to keep credit card data secure. Use it every quarter to establish a rock-solid audit trail of evidence. This automated assessment takes the headache out of compliance efforts by finding the policy risks that manual reviews may never find.
 
Policy Comparison

Compare different versions of a firewall configuration to identify policies that have been added and deleted as a result of differences in the configurations. This shows the impact of rule changes to the overall behavior of the firewall. It can be used to model the effect of a change before it is deployed to the network, or after, to verify that the rules implement a given security policy correctly. This feature goes way beyond a simple text difference of two configuration versions. It reveals how ACL changes can ripple across the firewall to cause unexpected differences in policy.
 
Policy Query

You can generate customized reports based on detailed policy queries. This is an excellent tool for bounding the analysis to answer a specific question about your firewall's behavior. For example, a policy query can be based on specific services, source, and/or destination addresses. The policy query is very useful for troubleshooting and pinpointing the causes of risky exposures in the configuration. These policy queries are also helpful for supporting remediation tasks.
 
Copyright © 2006-2008 Athena Security, Inc. All Rights Reserved. AthenaVerify™ and AthenaFirePAC™ are trademarks of Athena Security, Inc.