Firesec is a comprehensive solution for firewall rule base analysis in medium to large enterprise environments. It addresses the problems inherent in large rule sets and helps purge and update a rule base according to network requirements. Firesec provides multiple functions such as removing redundant rules, grouping similar rules, and searching for vulnerable rule patterns.

Features

Normalization
Reads the firewall configuration and normalizes it into a standardized database format. Both rules and firewall objects are fed into the database for analysis.

Traffic Analysis
Includes standard firewall log parsing scripts that scan through gigabytes of firewall logs and retrieve the relevant packet information. Firesec matches the output against the rule sets to remove unused or redundant objects.

Rule Base Analysis
Intelligently analyses the rule base to address instances of two or more rules that match the same traffic and perform the same action, two or more rules that match the same traffic but perform opposite actions, and rules that can be combined by creating object groups.

Rule Base Comparison
Smart comparison of two or more rule sets from different firewalls.

Security Analysis
Enables quick analysis of the rule base by looking for vulnerable patterns among the rules, which could be specific IP ranges, subnets, ports, or port ranges.

Command Generation
Reduces the effort of repeating the analysis process by generating the commands required to clean up the configuration.

Report Generation
Generates comprehensive HTML reports that provide details on the updated rule sets.

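The three checks listed under rule base analysis (same traffic with the same action, same traffic with opposite actions, and rules that could share an object group) can be sketched as follows. This is an added Python example, not Firesec's code; it generalizes "same traffic" to "fully covered by an earlier rule". The `Rule` fields, the first-match-wins ordering, the IPv4-only CIDR matching and the sample rules are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_network
from itertools import combinations

@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # source network in CIDR form
    dst: str      # destination network in CIDR form
    ports: tuple  # (low, high), inclusive
    action: str   # "permit" or "deny"

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matched by b is also matched by a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def analyse(rules):
    """Classify ordered rule pairs, assuming the first matching rule wins."""
    findings = []
    # combinations() keeps list order, so `early` always precedes `late`.
    for early, late in combinations(rules, 2):
        if covers(early, late):
            # `late` can never fire: harmless duplicate or contradicted rule.
            kind = "redundant" if early.action == late.action else "conflict"
            findings.append((kind, early.name, late.name))
        elif (early.action == late.action and early.dst == late.dst
              and early.ports == late.ports and early.src != late.src):
            # Differ only in source: one rule with a source object group would do.
            findings.append(("mergeable", early.name, late.name))
    return findings

# Constructed sample rule base (not taken from any real firewall).
RULES = [
    Rule("r1", "10.0.0.0/8", "192.168.1.0/24", (443, 443), "permit"),
    Rule("r2", "10.1.0.0/16", "192.168.1.0/24", (443, 443), "permit"),
    Rule("r3", "10.2.0.0/16", "192.168.1.10/32", (443, 443), "deny"),
    Rule("r4", "172.16.5.0/24", "192.168.2.0/24", (22, 22), "permit"),
    Rule("r5", "172.16.6.0/24", "192.168.2.0/24", (22, 22), "permit"),
]

if __name__ == "__main__":
    for kind, first, second in analyse(RULES):
        print(f"{kind}: {first} / {second}")
```

The conflict finding is the one to review first: the deny in `r3` is never reached because `r1` already permits that traffic.
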
Supported systems:
Cyberguard
Cisco PIX
Netscreen
Generic ruleset