Skybox Security

Firewall Assurance

Never let your guard down

Firewalls are your first line of network defense. To keep them secure and policy compliant – you have to conduct regular firewall audits to check for misconfigurations and conflicting rules that cause security gaps. Multiply a firewall audit times dozens or hundred of firewalls, and you have a major administration headache. Skybox® Firewall Assurance gives IT teams firewall management power to radically boost firewall security and free up time for other mission-critical tasks.

Business Benefits

  • Automate firewall PCI compliance audits with reports in minutes
  • Enhance visibility and oversight of firewall management process
  • Fulfill firewall audit requirements for regulations such as PCI DSS, SOX, ISO, NSA, NERC, FISMA.

 

Technical Benefits

  • Find and remediate firewall security issues quickly
  • Optimize firewall rulesets and reduce configuration errors
  • Test planned firewall changes in advance
  • Add-on module incorporates workflow capabilities for more efficient firewall change management processes

 

Features

Classic Features
  • Automatically import firewall configuration data and look for rule conflicts and misconfigurations
  • Find shadowed, redundant, and unused rules
  • Create firewall audit reports and compliance metrics
  • Track changes made to firewall access rules and objects
  • Out-of-the-box best practice policies based on NIST, NSA, NERC and PCI DSS standards
Exclusive Features
  • Discovers access policy violations, and provides root cause analysis
  • Patented What-if analysis checks planned firewall changes before they are made, avoiding errors
  • Model and analyze firewall access paths
  • Integrates with firewall change assurance module to close the workflow loop
  • Supports the most comprehensive list of firewall vendors, including legacy or custom firewalls through the API
  • Custom integration via an API to support enterprise workflow solutions

 

Case Study

With over 8,000 employees and worldwide office locations, this financial services firm deployed Skybox Firewall Assurance to centrally audit firewalls, protect its clients’ personal data and provide proof of compliance with PCI DSS. With Skybox Firewall Assurance in place, the organization is now able to:

  • Collect, audit and analyze firewall configurations on a daily basis
  • Demonstrate continuous PCI DSS compliance to its customers and auditors
  • Collect, audit, and analyze firewall configurations daily instead of every six weeks
  • Immediately identify firewall security threats such as violating ACL’s
  • Automate the steps to create and implement remediation plans

 

How It Works

Step 1 – Collect. Skybox Firewall Assurance automatically collects firewall configuration data, log files, and corporate security policies. A normalized firewall configuration repository is created, allowing fast and consistent evaluation of different firewalls. Configurations may be entered manually or collected automatically from existing configuration repositories.

Step 2 – Analyze. Firewall Assurance correlates firewall configuration and policy data with industry standards and firewall management best practices. Security and compliance gaps are identified and prioritized to show firewall administrators the areas of greatest concern.

Step 3 – Report and Act. Status reports are generated for different users in the organization. Network operations reports enable teams to optimize firewall rules and identify firewall misconfigurations. Corporate security teams can view firewall change assurance reports and validate the results of on-demand firewall audits. Overall compliance reports are generated for top-level executives.