Upload
agurnani
View
1.408
Download
1
Tags:
Embed Size (px)
DESCRIPTION
FirePAC is an extremely affordable, easy to use, downloadable, light footprint software product that demonstrates immediate value without requiring any technical training.FirePAC helps both large and small companies who are actively seeking ways to reduce their expenses around conducting periodic audits, managing security risks, and improving the network's structure and design.
Citation preview
Athena FirePAC works to clean out conflicting rules and eliminate the security risks in firewall policies
It shows how multiple routing,
address translations, and filtering
rules are working together to affect
your firewall's behavior
details the firewall
behavior resulting
from inter-rule
interactions
Policy Analysis Rule Conflicts
identifies overlapping
and conflicting rules for
optimizing rule sets
Policy Comparison
shows added and
deleted policies resulting
from the changes to a
configuration
Policy Query
allows users to
generate customized
reports based on
detailed policy queries
Compliance management /
need for periodic auditsAvoid potential
risks to business continuity
Reduce efforts in firewall review
Need to optimize
configuration
Manage configurations
BUSINESS DRIVERS
Source: Frost and Sullivan
Designed for Network Engineers
EASY Downloadable software takes seconds to install
POWERFUL Cuts manual firewall analysis down by 85%
AFFORDABLE Lowest cost solution for comprehensive analysis
SAFE Injects no packets into the network
NON-INTRUSIVENo connections requiring passwords or permissions
FirePAC analyzes the interactions between• ACLs• Routing Tables• NATs
Risk Description
C27 H services allowed from external zone to internal zone Details
Entering/Exiting interfaces Rules
eth1c0 to eth-s1p2c0 28
antispoof settings
237
257
277
8
No Source Destination Service Translated Source
Translated Destination
Translated Service
Comment
237 any 198.246.171.58 any any h-wcsdevssl any Automatic NAT Rule
from Static
Destination Nat on
h-wcsdevssl
Policy Check
Drill-down to policy detail
Drill-down to rule detail
Requires only the configuration file and
the routing table to generate all reports
IMPORT
FIREWALL SUMMARYActs as a guide to navigate the detail level reports
Firewall statistics summarize the
firewalls primary structure
Findings show the total number of risks
categorized by severity level
Click on the hyperlinks to view:
• definition of the risk
• ruletrails that contributed to the risk
• original rule in the context of the
configuration
Rule conflicts show the exact inter rule
relationships and the number of each
type that were found
The firewall connectivity table provides
basic topology information
Policy Summary acts as a table of
contents for all policies that are:
• Passing through the firewall
• Originating from the firewall
• Terminating at the firewall
POLICY SUMMARYShows the services that are allowed from
each direction on every interface
Based on complex analysis, not
simple pattern matching
Calculates every possible packet
that could traverse the firewall
RULE CONFLICTSIdentifies the order dependencies and
inter-relationships between rules
No Source Destination Service VPN Action Anomaly Comment
25 Any Acmecorp-Cluster
Any Any drop Correlated to <8>, <12>, <13>, <16>, <17>, <18>, <20>
Generalization of <7>, <10>, <15>, <21>, <23>, <24>
27 net-ACC-192.168.50.2 h-accfta001
h-accfta001m
ssh Any accept Redundant to <68>
POLICY COMPARISONShows the impact of rule changes to the
overall behavior of the firewall
Greatly reduces the need for
testing to ensure the correct
policies have been implemented
Can be used to model the effect of
a change before it is deployed to
the network
SUPPORTED FIREWALLS
Athena FirePAC uses safe, offline analysis to:
• Reduce up to 85% of the manual effort to audit any Cisco,
Checkpoint or Netscreen firewall
• Verify the policies that are impacted by rule changes
Try FirePAC at no risk or buy it for only $1495!