Compliance Reports

ISO 27001:2013 Requirements

ISO 27001:2013 Regulatory Mandate deals with the Information Security controls that ensures your network security by monitoring Firewall Configuration Policies, Network Traffic through your perimeter devices and more. Firewall Analyzer helps meeting the requirements of this mandate with its out-of-the-box reports.

ISO 27001:2013 requirements met by Firewall Analyzer

Rules
Description
How Firewall Analyzer meets requirements
9.2

Refer the user accounts and remove unnecessary accounts(if any)


Firewall Analyzer lists down the users of your firewall with which you can analyze the user accounts and decide on which user account is to be retained and which is to be removed

9.4

Configuring   telnet is not advisable, use ssh instead. This will improve security

Firewall Analyzer provides you the detail of all the Services viz., HTTP, Telnet, SSH and User Access details which helps you to manage your Firewall Access control efficiently by avoiding insecure services for Management Access

12.4.1

Enabling   the log information will help you to look for details for every transaction.   Keep the logs for 6 months

Firewall Analyzer enables firewall devices logging and it archives firewall logs that helps you to keep track of every transaction made

12.4.2

Protect   your logs by encrypting those while storing it. This prevents unauthorized   access

Firewall Analyzer has the capability to enrypt raw logs that prevents unauthorized access
12.4.3

Know   what commands are executed in your firewall, Need to enable admin logs

Firewall Analyzer provides you out-of-the-box report on all the commands that are executed in your firewall device

12.4.4

Configuring   NTP server helps all machines time synchronized

Firewall Analyzer helps you to know the NTP server configuration details that provides better insights on time synchronization of all machines

13.1.1

Verify   that inbound and outbound traffic is limited to that which is necessary for   the cardholder data environment, and that the restrictions are documented

Firewall Analyzer provides you out-of-the-box detailed reports on all the rules that deals with 

  • Allowed Traffic from and to your DMZ

  • Non-Documented Denied traffic from and to your DMZ

These reports helps you to analyze your inbound and outbound traffic on your business sensitive data environment and allows you to block the unwanted traffic
13.1.3

Limit   inbound Internet traffic to IP addresses within the DMZ

Firewall Analyzer provides you a detailed report on rules that allows traffic from Untrust zone to your DMZs/Non- DMZs. This helps you to analyze your internal internet traffic and allows you to limit the internet traffic to IP addresses within your perimeter network
13.1.4

Do   not allow any direct connections inbound or outbound for traffic between the   Internet and the data environment

Firewall Analyzer's detailed reports on all the rules that is configured to allow traffic from secured data zone to untrust sources, helps you to analyze the inbound/outbound traffic between the internet and the data environment.It also allows you to block the direct network connections if any

13.1.5

Do   not allow internal addresses to pass from the Internet into the DMZ.

Firewall Analyzer provides you the rules report on

  • Allowed Traffic from External IPs to DMZs via WAN interface

  • Allowed Traffic from Internal IPs to DMZs via WAN Interface

These report helps you to block internal addresses to pass from internet to the perimeter network.

Customer Speaks
 
"The implementation was so easy and the Firewall Analyzer immediately started showing me how much inbound and outbound traffic was passing through our firewalls.I now use Firewall Analyzer daily !"
-Phil Avella,
Manager,Information Systems,
Thunder Bay District Health Unit
 
A single platter for comprehensive Network Security Device Management