Security Audit and Configuration Analysis Reports - Security Audit Reports


    Firewall Analyzer offers an exhaustive set of Firewall device compliance reports that help to address the security audit and compliance audit requirements.

    This report contains two tabs, Report and All Schedules.

    Report

    In this tab, Firewall Analyzer categorizes the threats faced to various levels and recommends configuration and other changes to tighten the security of the Firewall. The issues are assessed and the results are presented as statistics. It provides overall issue ratings of the Firewall device security audit. They are:

    • Critical
    • High
    • Medium
    • Low
    • Info

    The report consists of three sections. They are:

    • Security Audit Report section
    • Security Best Practices Report section
    • Device Configuration Report section

    Security Audit Report section

    This section of the report describes the following:

    • Issue Finding
    • Issue Impact
    • Issue Ease
    • Issue Recommendation
    • Issue Overall Rating

    Security Best Practices Report section

    This section of the report describes the security best practices. It consists of overview and recommendation. It covers the following areas:

    • Software
    • Services
    • Interfaces
    • Filtering
    • Authentication
    • Logging
    • Encryption

    Firewall Analyzer  lists the complete configurations in the device including ACLs/rules. 

    Device Configuration Report section

    This section details the configuration settings of the Firewall device.

     

    Note:

    In the Fetch Rules from the device section, if the following message appears: 'Unable to generate compliance report. Reason: Failed to locate Nipper. Click here to enable it'. Carry out the procedure given in this document.

     

    All Schedules

    Once you initiated a Security Audit report for a firewall device, you can set up schedules to generate the report automatically at specified time intervals. You can also configure Firewall Analyzer to automatically email the report once it is generated.

    Note:

    Scheduled reports are generated and emailed only as PDF files. If you are viewing PDF reports on a Windows machine, make sure you have Adobe Acrobat Reader installed.

    Click the All Schedules tab under the Security Audit tab takes you the All Schedules page to view the list of reports that have been scheduled so far. The list shows all the schedules that have been set up so far, along with the report profile they are associated with, the type of schedule, and options to delete the schedule.

    Select the schedule and click the Delete icon to delete a schedule. The Security Audit report profile associated with this schedule will no longer be generated automatically at the specified time interval.

    The enable/disable icon against a schedule is a toggle icon used to enable or disable a schedule.