Difference between revisions of "skybox notes"

Latest revision as of 18:25, 17 February 2016

skyboxsecurity

Firewall Optimization and Cleanup

Firewall Policy Compliance

Network Visibility and Intelligence

firewall map
zones
validation
missing hops
export as image or visio
access analyzer!! will show which firewalls allow and which deny, identify which devices need rules

Vulnerability Control - Actionable Remediation

Vulnerability Control -Context-Aware Prioritization

GUI Analytics Center
hotspots mapped to business units, geography, vendor platforms and/or security bulletins
threat origins defined

 example: inside or outside

@@ Line 1: / Line 1: @@
-skybox
+skyboxsecurity
-Firewall Optimization and Cleanup
+'''Firewall Optimization and Cleanup'''
-  shadowed rules
+*shadowed rules
-  redundant rules
+*redundant rules
-  rule usage, unused identified
+*rule usage, unused identified
-Firewall Policy Compliance
+'''Firewall Policy Compliance'''
- out of the box cis benchmarks
+*out of the box cis benchmarks
+*examples: snmp community string violations
+*access (rule) policy violations
+*example: login services to dmz
-examples: snmp community string violations
-access (rule) policy violations
+'''Network Visibility and Intelligence'''
-example: login services to dmz
+*firewall map
+*zones
+*validation
+*missing hops
+*export as image or visio
+*access analyzer!! will show which firewalls allow and which deny, identify which devices need rules
+'''Vulnerability Control - Actionable Remediation'''
+*risk = impact x likelyhood
+*remediation tickets and tracking
+'''Vulnerability Control -Context-Aware Prioritization'''
-Network Visibility and Intelligence
+*GUI Analytics Center
-firewall map
+*hotspots mapped to business units, geography, vendor platforms and/or security bulletins
- zones
+*threat origins defined
- validation
+  example: inside or outside
-    missing hops
- export as image or visio
-access analyzer!! will show which firewalls allow and which deny, identify which devices need rules