Difference between revisions of "skybox notes"
From thelinuxwiki
Line 20: | Line 20: | ||
*export as image or visio | *export as image or visio | ||
*access analyzer!! will show which firewalls allow and which deny, identify which devices need rules | *access analyzer!! will show which firewalls allow and which deny, identify which devices need rules | ||
+ | |||
+ | '''Vulnerability Control - Actionable Remediation''' | ||
+ | *risk = impact x likelyhood | ||
+ | *remediation tickets and tracking | ||
+ | |||
+ | '''Vulnerability Control -Context-Aware Prioritization''' |
Revision as of 18:19, 17 February 2016
skyboxsecurity
Firewall Optimization and Cleanup
- shadowed rules
- redundant rules
- rule usage, unused identified
Firewall Policy Compliance
- out of the box cis benchmarks
- examples: snmp community string violations
- access (rule) policy violations
- example: login services to dmz
Network Visibility and Intelligence
- firewall map
- zones
- validation
- missing hops
- export as image or visio
- access analyzer!! will show which firewalls allow and which deny, identify which devices need rules
Vulnerability Control - Actionable Remediation
- risk = impact x likelyhood
- remediation tickets and tracking
Vulnerability Control -Context-Aware Prioritization