ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

Firewall Auditing

04.29.09   |  
‎04-29-2009 12:54 PM

I have approx. 10 Juniper firewalls on site, most with 5.4 code and I need to perform an audit to see what rules are being used, etc.  A basic audit of the firewalls and what they are doing.  We have an NSM with most of the boxes listed in it.  My question is what would be the best approach in performing a audit of the firewalls ?  What settings should be in place to assist in this effort ?

 

Any ideas would be appreciated.

5 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: Firewall Auditing

04.30.09   |  
‎04-30-2009 03:05 AM

hi

 

you can you some tools for auditing firawall  like nipper or  ns2html

http://ns2html.sourceforge.net/about.html

http://nipper.titania.co.uk/

 

thanks 

**If this reply solved your problem click on Kudos **
Kind Regard
http://www.linkedin.com/in/mkhitmane
personal mail: mehdi.khitmane@gmail.com
ScreenOS Firewalls (NOT SRX)

Re: Firewall Auditing

04.30.09   |  
‎04-30-2009 03:09 AM

you can see this

http://forums.juniper.net/jnet/board/message?board.id=Firewalls&message.id=5464#M5464

**If this reply solved your problem click on Kudos **
Kind Regard
http://www.linkedin.com/in/mkhitmane
personal mail: mehdi.khitmane@gmail.com
ScreenOS Firewalls (NOT SRX)

Re: Firewall Auditing

05.13.09   |  
‎05-13-2009 12:54 PM

Check out SecureTrack from tufin technologies - does exactly what you're looking for and a lot more.

ScreenOS Firewalls (NOT SRX)

Re: Firewall Auditing

05.14.09   |  
‎05-14-2009 06:53 AM

I would go for the Tuffin solution also, as it is vendor neutral.

 

Gavrilo

ScreenOS Firewalls (NOT SRX)

Re: Firewall Auditing

05.14.09   |  
‎05-14-2009 04:16 PM

Like products are also available from Secure Passage (FireMon) and AlgoSec (ASA - AlgoSec Firewall Analyzer).  

Secure Passage has a complete real-time product demonstration available on their homepage and AlogSec has several flash demos available.  Both are members of the J-partner alliance as is Tufin.