ISO 27001:2013 Requirements

ISO 27001:2013 Regulatory Mandate deals with the Information Security controls that ensures your network security by monitoring Firewall Configuration Policies, Network Traffic through your perimeter devices and more. Firewall Analyzer helps meeting the requirements of this mandate with its out-of-the-box reports.

ISO 27001:2013 requirements met by Firewall Analyzer

Rules Description How Firewall Analyzer meets requirements
9.2 Refer the user accounts and remove unnecessary accounts(if any) Firewall Analyzer lists down the users of your firewall with which you can analyze the user accounts and decide on which user account is to be retained and which is to be removed
9.4 Configuring telnet is not advisable, use ssh instead. This will improve security Firewall Analyzer provides you the detail of all the Services viz., HTTP, Telnet, SSH and User Access details which helps you to manage your Firewall Access control efficiently by avoiding insecure services for Management Access
12.4.1 Enabling the log information will help you to look for details for every transaction. Keep the logs for 6 months Firewall Analyzer enables firewall devices logging and it archives firewall logs that helps you to keep track of every transaction made
12.4.2 Protect your logs by encrypting those while storing it. This prevents unauthorized access Firewall Analyzer has the capability to enrypt raw logs that prevents unauthorized access
12.4.3 Know what commands are executed in your firewall, Need to enable admin logs Firewall Analyzer provides you out-of-the-box report on all the commands that are executed in your firewall device
12.4.4 Configuring NTP server helps all machines time synchronized Firewall Analyzer helps you to know the NTP server configuration details that provides better insights on time synchronization of all machines
13.1.1 Verify that inbound and outbound traffic is limited to that which is necessary for the cardholder data environment, and that the restrictions are documented Firewall Analyzer provides you out-of-the-box detailed reports on all the rules that deals with

  • Allowed Traffic from and to your DMZ
  • Non-Documented Denied traffic from and to your DMZ
These reports helps you to analyze your inbound and outbound traffic on your business sensitive data environment and allows you to block the unwanted traffic
13.1.3 Limit inbound Internet traffic to IP addresses within the DMZ Firewall Analyzer provides you a detailed report on rules that allows traffic from Untrust zone to your DMZs/Non- DMZs. This helps you to analyze your internal internet traffic and allows you to limit the internet traffic to IP addresses within your perimeter network
13.1.4 Do not allow any direct connections inbound or outbound for traffic between the Internet and the data environment Firewall Analyzer's detailed reports on all the rules that is configured to allow traffic from secured data zone to untrust sources, helps you to analyze the inbound/outbound traffic between the internet and the data environment.It also allows you to block the direct network connections if any
13.1.5 Do not allow internal addresses to pass from the Internet into the DMZ. Firewall Analyzer provides you the rules report on

  • Allowed Traffic from External IPs to DMZs via WAN interface
  • Allowed Traffic from Internal IPs to DMZs via WAN Interface
These report helps you to block internal addresses to pass from internet to the perimeter network.

Customer Speaks

"The implementation was so easy and the Firewall Analyzer immediately started showing me how much inbound and outbound traffic was passing through our firewalls.I now use Firewall Analyzer daily!"

-Phil Avella
Manager,Information Systems
Thunder Bay District Health Unit
A single platter for comprehensive Network Security Device Management