ScreenOS Firewalls (NOT SRX)
Reply
Regular Visitor
stsmith0883
Posts: 6
Registered: ‎04-20-2009
0

Firewall Auditing

I have approx. 10 Juniper firewalls on site, most with 5.4 code and I need to perform an audit to see what rules are being used, etc.  A basic audit of the firewalls and what they are doing.  We have an NSM with most of the boxes listed in it.  My question is what would be the best approach in performing a audit of the firewalls ?  What settings should be in place to assist in this effort ?

 

Any ideas would be appreciated.

Super Contributor
mehdi
Posts: 240
Registered: ‎08-19-2008
0

Re: Firewall Auditing

hi

 

you can you some tools for auditing firawall  like nipper or  ns2html

http://ns2html.sourceforge.net/about.html

http://nipper.titania.co.uk/

 

thanks 

**If this reply solved your problem click on Kudos **
Kind Regard
http://www.linkedin.com/in/mkhitmane
personal mail: mehdi.khitmane@gmail.com
Super Contributor
mehdi
Posts: 240
Registered: ‎08-19-2008
0

Re: Firewall Auditing

you can see this

http://forums.juniper.net/jnet/board/message?board.id=Firewalls&message.id=5464#M5464

**If this reply solved your problem click on Kudos **
Kind Regard
http://www.linkedin.com/in/mkhitmane
personal mail: mehdi.khitmane@gmail.com
New User
fw-wiz
Posts: 2
Registered: ‎05-13-2009
0

Re: Firewall Auditing

Check out SecureTrack from tufin technologies - does exactly what you're looking for and a lot more.

Trusted Contributor
Gavrilo
Posts: 279
Registered: ‎07-14-2008
0

Re: Firewall Auditing

I would go for the Tuffin solution also, as it is vendor neutral.

 

Gavrilo

New User
Defcon1
Posts: 1
Registered: ‎05-14-2009
0

Re: Firewall Auditing

Like products are also available from Secure Passage (FireMon) and AlgoSec (ASA - AlgoSec Firewall Analyzer).  

Secure Passage has a complete real-time product demonstration available on their homepage and AlogSec has several flash demos available.  Both are members of the J-partner alliance as is Tufin.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.