SANS Compliance Reports

Complying to SANS Firewall Security Policy Guidelines

SANS Firewall Security Policy guidelines helps organizations to manage and configure their perimeter devices which enables them to ensure network security. Firewall Analyzer, helps you to meet the SANS Security Policy requirements at an ease with its out-of-the-box reports. Following are the audit checklist of SANS and the details on how Firewall Analyzer helps to meet them

SANS Audit Checklist Requirements fulfilled by Firewall Analyzer

Rules
Description
How Firewall Analyzer meets requirements
4

Ensure that logging is enabled and that the logs are   reviewed to identify any potential patterns that could indicate an attack

Firewall Analyzer automatically collects and analyzes all your firewall logs to provide out-of-the-box reports and alerts that helps you to identify potential patterns of security attacks

9.1

Avoid using localhost addresses in security policies

Firewall Analyzer provides you detailed report on all 'Allowed Rules with Local IP Addresses' that facilitates the decision on which localhost addresses should be used/avoided in security policies

9.2

Avoid using invalid addresses in security policies

Exhaustive reports on rules that allow traffic to LAN & DMZs via WAN Interface provides information such as the Policy name, rule name, Source, Destination, Service type, Source/Destination Interface and more, which helps you to identify & avoid using invalid addresses in security policies

9.3

Block the Incoming Traffic to broadcast address

Firewall Analyzer provides you information on configured rules which allow untrust traffic to broadcast address. This enables you to review the rules and block the incoming traffic from untrust zone to broadcast address
11

Block Insecure protocols,services and ports.

Firewall Analyzer provides you report which gives you detailed information on all the configured rules that allow insecure protocols, services and ports in your network. This report provides better insight of your network and helps you to block the insecure services or protocols

12

Avoid insecure Remote Access

Firewall Analyzer's 'HTTP Access Details', 'Telnet Access details', 'SSH Access Details', 'User Access Details' reports provides detailed information on inbound/outbound traffic which helps you to block the Remote Access with the insecure services

15

Block UnWanted ICMP Traffic

Firewall Analyzer provides you detailed report on rules that allow ICMP traffic from Untrust Zone. The solution also provides you the rules report that provide information on Blocked ICMP traffic to Untrust Zone. These two reports help the users to identify the unwanted ICMP traffic and block it

16

IP Readdressing/IP Masquerading

Firewall Analyzer's detailed rules report on 'All direct connections from untrust sources' helps to review and configure your rules in such a way that it blocks direct connections from untrust zone
19

Allow Traffic that is necessary for business requirements

Firewall Analyzer helps you to analyze the traffic connections from untrust source with its out-of-the-box reports. This helps you in identifying and allowing the traffic that are necessary for business requirements

24

Continued availability of Firewalls

Firewall Analyzer provides you an option to backup all firewall data by Active StandBy and supports continued availability of firewalls

Customer Speaks
 
"The implementation was so easy and the Firewall Analyzer immediately started showing me how much inbound and outbound traffic was passing through our firewalls.I now use Firewall Analyzer daily !"
-Phil Avella,
Manager,Information Systems,
Thunder Bay District Health Unit
 
A single platter for comprehensive Network Security Device Management