skybox notes
skyboxsecurity
Firewall Optimization and Cleanup
- shadowed rules
- redundant rules
- rule usage, unused rules identified
Firewall Policy Compliance
- out-of-the-box CIS benchmarks
- examples: SNMP community string violations
- access (rule) policy violations
- example: login services to DMZ
Network Visibility and Intelligence
- firewall map
- zones
- validation
- missing hops
- export as image or Visio
- access analyzer!! shows which firewalls allow and which deny, and identifies which devices need rules
Vulnerability Control - Actionable Remediation
- risk = impact x likelihood
- remediation tickets and tracking
Vulnerability Control - Context-Aware Prioritization
- hotspots mapped to business units, geography, vendor platforms and/or security bulletins
- threat origins defined
- example: inside or outside