Difference between revisions of "skybox notes"
From thelinuxwiki
(Created page with "skybox  Firewall Optimization and Cleanup   shadowed rules   redundant rules   rule usage, unused identified  Firewall Policy Compliance  out of the box cis benchmarks  exampl...")
			|||
| Line 1: | Line 1: | ||
| − | + | skyboxsecurity  | |
| − | Firewall Optimization and Cleanup  | + | '''Firewall Optimization and Cleanup'''  | 
| − | + | *shadowed rules  | |
| − | + | *redundant rules  | |
| − | + | *rule usage, unused identified  | |
| − | Firewall Policy Compliance  | + | '''Firewall Policy Compliance'''  | 
| − | + | *out of the box cis benchmarks  | |
| + | *examples: snmp community string violations  | ||
| + | *access (rule) policy violations  | ||
| + | *example: login services to dmz  | ||
| − | |||
| − | + | '''Network Visibility and Intelligence'''  | |
| − | + | *firewall map  | |
| − | + | *zones    | |
| − | + | *validation    | |
| − | + | *missing hops  | |
| − | Network Visibility and Intelligence  | + | *export as image or visio  | 
| − | firewall map  | + | *access analyzer!! will show which firewalls allow and which deny, identify which devices need rules  | 
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | access analyzer!! will show which firewalls allow and which deny, identify which devices need rules  | + | |
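Review bot: In the Firewall Policy Compliance block, the added lines `*examples: snmp community string violations` and `*example: login services to dmz` sit at the same bullet level as the items they illustrate, so the rendered list reads as four separate checks. Nesting them with `**` under `*out of the box cis benchmarks` and `*access (rule) policy violations` would keep each example attached to its parent item.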
Revision as of 17:48, 17 February 2016
skyboxsecurity
Firewall Optimization and Cleanup
- shadowed rules
- redundant rules
- rule usage, unused identified

Firewall Policy Compliance
- out of the box CIS benchmarks
- examples: SNMP community string violations
- access (rule) policy violations
- example: login services to DMZ

Network Visibility and Intelligence
- firewall map
- zones
- validation
- missing hops
- export as image or Visio
- access analyzer!! will show which firewalls allow and which deny, identify which devices need rules