Basel II is the second of the three Basel accords created by the Basel Committee on Bank Supervision (BCBS). Created in 2004, Basel II was built on Basel I, greatly expanding the scope of Basel I to primarily address new financial products and innovations.
At the time, banking regulations varied significantly from country to country and Basel II helped create a unified framework to create standard rules, reduce market anxiety, and simplify tackling risks (such as systemic risk, legal risk, and liquidity risk).
Firewall Analyzer comes equipped without-of-the-box support for Basel II compliance. Firewall Analyzer fulfills the following requirements of Basel II.
| Rules | Description | How Firewall Analyzer meets this requirement |
|---|---|---|
| ITGP1 | Information management and technology form a critical part of operational risk management. Practitioners, internal auditors, and financial services experts should be aware of the significance of information risk. | FFirewall Analyzer has the capability to review the logs periodically and has alerting mechanisms for security functions like Intrusion Detection System and AAA servers (like RADIUS). With this solution, you can configure alerts to meet your security related log reviews. |
| ITGP2 | The internal IT audit function should be effective and comprehensive. Skills, resources, and funding should be adequate to ensure audit effectiveness. | ITGP2.b Firewall Analyzer can retain the database and archive your raw logs for more than 90 days. ITGP2.a With Firewall Analyzer's Audit Log report, users can get information on logical access attempts and commands executed to their network devices. |
| ITGP3 | Information management and technology should be governed by an adequate set of policies, processes, and procedures for risk management. The guidance given to practitioners, internal auditors, and financial services experts should be in line with the organization's GRC framework. | Firewall Analyzer provides you a detailed report on all configuration change records over a period of time, which serves as a proper documentation of all changes made to the firewall policies. |
| ITGP4 | In information management and technology, specific risk assessments should be conducted using approved methods in line with the organization's GRC framework. Risk assessments should take into consideration the technology-specific complexity and indirect risk factors. | Firewall Analyzer has the capability to carry out vulnerability assessment and it provides you instant reports that help you to mitigate the vulnerabilities identified in the assessment. |
| ITGP6 | Information management and technology should be governed—by an adequate set of policies, processes, and procedures—for risk control and mitigation. The guidance given to practitioners, internal auditors, and financial services experts should be in line with the organization's GRC framework. | Firewall Analyzer provides you detailed information on firewall configuration changes, which facilitates approval and testing of network connections. The solution triggers real-time alerts upon any configuration changes that help administrators to take immediate actions upon any misconfiguration. |
| ITGP7 | Information management and technology should be protected by a comprehensive continuity management process. The IT continuity management process should be in line with the organization-wide business continuity management framework. | Firewall Analyzer provides you an option to back up and store firewall configurations at regular intervals. With the help of these backups, we will be able to recover from disaster in order to maintain the business continuity management. |
Refer Firewall compliance management software page for more details about other firewall security standards compliance.
Featured links
Manage your firewall rules for optimum performance. Anomaly free, properly ordered rules make your firewall secured. Audit the firewall security and manage the rule/config changes to strengthen the security.
Get a slew of security and traffic reports to asses the network security posture. Analyze the reports and take measures to prevent future security incidents. Monitor the Internet usage of enterprise users.
Unlock the wealth of network security information hidden in the firewall logs. Analyze the logs to find the security threats faced by the network. Also, get the Internet traffic pattern for capacity planning.
With live bandwidth monitoring, you can identify the abnormal sudden shhot up of bandwidth use. Take remedial measures to contain the sudden surge in bandwidth consumption.
Take instant remedial actions, when you get notified in real-time for network security incidents. Check and restrict Internet usage if banwidth exceeds specified threshold.
MSSPs can host multiple tenants, with exclusive segmented and secured access to their respective data. Scalable to address their needs. Manages firewalls deployed around the globe.