
Firewall analyzer for Policy Optimization and Cleanup

Hi there,

I am looking for a firewall analyzer which includes a feature for Policy Optimization and Cleanup.  If available, I would prefer an open source one, but I can look for another one.  I was wondering if you have any recommendations.

Thanks in advance for your help.

Regards,

Paula


Marvin Rhoads
Hall of Fame

Several companies make such products:

http://www.firemon.com/products/securitymanager/

http://algosec.com/en/products/firewall_analyzer

I've not used them myself.

I think the original poster asked for recommendations from folks with actual experiences using the products.

Yes, I've used Firemon, Algosec and Tufin products for firewall optimization and cleanup.  All of the products rely heavily on the firewall logs.  The more archived logs you have, the better the product is at optimizing and cleaning up your rule base.

Ranking based on my opinion:

Tufin:  Excellent with Check Point firewalls, just OK for Cisco ASA firewalls.  Tufin is an appliance.

Firemon:  Really good with Cisco PIX firewalls.  Firemon is an appliance (a bundle of CentOS and the Firemon application).

Algosec:  OK with Cisco PIX/IOS firewalls.  Algosec runs on Red Hat Enterprise Linux.

Christopher Hayre
Cisco Employee

Paula,

If you are a CSM customer, it currently has a couple of embedded tools for firewall policy analysis and rule consolidation.  I've found them to be incredibly handy in the past, particularly when performing routine audits/reviews.  Within the access policies section, you can perform the following:

1) Analysis - Analyzes the policy for duplicate/overlapping rules

2) Combine - Finds duplicate access control entries and presents you with the option of combining them

3) Hit Count - Examines the usage of one or more rules

See the following doc for more information on these features:

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.2/user/guide/fwaccess.html

Thanks,

Christopher
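The three checks Christopher lists (overlap analysis, combining duplicate entries, hit counts) and the log-driven cleanup described in the earlier reply about Tufin, Firemon and Algosec can be reproduced on a small scale. The Python below is an added example for this thread, not code from Cisco Security Manager or from any vendor product mentioned here. The rule base, the simplified log line format (`proto src -> dst:port`) and the sample log lines are constructed for the demonstration; a real deployment would parse the firewall's own syslog format instead.

```python
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Rule:
    """One access-control entry in first-match order.
    ports is an inclusive destination port range; (0, 65535) means any port.
    proto "ip" means any protocol."""
    rid: int
    action: str      # "permit" or "deny"
    proto: str       # "tcp", "udp" or "ip"
    src: str         # source CIDR
    dst: str         # destination CIDR
    ports: Tuple[int, int]

    def key(self):
        # Everything except the rule id: two rules with equal keys are exact duplicates.
        return (self.action, self.proto, self.src, self.dst, self.ports)

    def covers(self, other: "Rule") -> bool:
        """True if every packet matched by `other` is also matched by self."""
        proto_ok = self.proto == "ip" or self.proto == other.proto
        src_ok = ip_network(other.src, strict=False).subnet_of(ip_network(self.src, strict=False))
        dst_ok = ip_network(other.dst, strict=False).subnet_of(ip_network(self.dst, strict=False))
        ports_ok = self.ports[0] <= other.ports[0] and other.ports[1] <= self.ports[1]
        return proto_ok and src_ok and dst_ok and ports_ok

    def matches(self, proto: str, src: str, dst: str, port: int) -> bool:
        """True if a single flow (one log line) hits this rule."""
        return ((self.proto == "ip" or self.proto == proto)
                and ip_address(src) in ip_network(self.src, strict=False)
                and ip_address(dst) in ip_network(self.dst, strict=False)
                and self.ports[0] <= port <= self.ports[1])


def analyze(rules: List[Rule]) -> Dict[str, List[Tuple[int, int]]]:
    """Overlap analysis. Each finding is (later_rule_id, earlier_rule_id).
    duplicate: identical entry (candidate for 'combine');
    redundant: fully covered by an earlier rule with the same action (safe to delete);
    shadowed:  fully covered by an earlier rule with a different action (never fires,
               and usually indicates a policy mistake rather than dead weight)."""
    report = {"duplicate": [], "redundant": [], "shadowed": []}
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if earlier.key() == later.key():
                report["duplicate"].append((later.rid, earlier.rid))
                break
            if earlier.covers(later):
                kind = "redundant" if earlier.action == later.action else "shadowed"
                report[kind].append((later.rid, earlier.rid))
                break
    return report


# Constructed log format for this example: "<proto> <src_ip> -> <dst_ip>:<dst_port>"
LOG_RE = re.compile(r"^(\w+)\s+(\S+)\s*->\s*(\S+):(\d+)$")


def hit_count(rules: List[Rule], log_lines: List[str]) -> Dict[object, int]:
    """Replay logged flows through the rule base in first-match order and count
    hits per rule; flows no rule matches are counted under 'implicit-deny'."""
    counts: Dict[object, int] = {r.rid: 0 for r in rules}
    counts["implicit-deny"] = 0
    for line in log_lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not flow records
        proto, src, dst, port = m.group(1), m.group(2), m.group(3), int(m.group(4))
        for r in rules:
            if r.matches(proto, src, dst, port):
                counts[r.rid] += 1
                break
        else:
            counts["implicit-deny"] += 1
    return counts


def unused_rules(rules: List[Rule], counts: Dict[object, int]) -> List[int]:
    """Rules with zero hits over the replayed log window (cleanup candidates; the
    longer the log archive, the more trustworthy this list is)."""
    return [r.rid for r in rules if counts[r.rid] == 0]


# Constructed rule base (assumed, not from any real firewall).
RULES = [
    Rule(1, "permit", "tcp", "10.1.1.0/24", "192.0.2.0/24", (443, 443)),
    Rule(2, "permit", "tcp", "10.1.1.0/24", "192.0.2.10/32", (443, 443)),   # redundant with 1
    Rule(3, "deny", "tcp", "10.1.1.5/32", "192.0.2.0/24", (443, 443)),      # shadowed by 1
    Rule(4, "permit", "udp", "10.1.0.0/16", "198.51.100.53/32", (53, 53)),
    Rule(5, "permit", "udp", "10.1.0.0/16", "198.51.100.53/32", (53, 53)),  # duplicate of 4
    Rule(6, "permit", "tcp", "10.2.0.0/16", "203.0.113.0/24", (22, 22)),    # never hit
    Rule(7, "permit", "ip", "10.0.0.0/8", "0.0.0.0/0", (0, 65535)),
]

# Constructed log lines in the simplified format above.
LOG_LINES = [
    "tcp 10.1.1.5 -> 192.0.2.10:443",
    "tcp 10.1.1.7 -> 192.0.2.20:443",
    "udp 10.1.3.9 -> 198.51.100.53:53",
    "tcp 10.1.1.5 -> 203.0.113.9:80",
    "tcp 172.16.0.4 -> 192.0.2.10:443",
]

if __name__ == "__main__":
    print("overlap analysis:", analyze(RULES))
    hits = hit_count(RULES, LOG_LINES)
    print("hit counts:", hits)
    print("zero-hit rules:", unused_rules(RULES, hits))
```

The distinction between "redundant" and "shadowed" matters during cleanup: a redundant rule can be removed with no change in behaviour, whereas a shadowed rule was presumably meant to do something and the earlier, broader rule is the one to review. Zero-hit rules are only cleanup candidates, and the confidence in that list scales with how much log history was replayed, which is the point made earlier in the thread about archived logs.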

DanielleITCS
Level 1

You might find real user reviews for all the major firewall analyzers already mentioned on IT Central Station to be helpful.


Users interested in these solutions also read reviews for Skybox Security Suite. In his review, this Information Security Architect writes that the most valuable feature of Skybox is "the firewall change audit every week. Also, being able to track firewall ACL usage, so that we can produce semiannual reports on ACL usage and on shadowed and redundant rules on the firewall." You can read the rest of his review here.


Good luck with your search. 

It's bad form trolling a 6 year old post with links to your company's site.

So weird. When this came up on Google, it said that this thread was from 2017. I must have not been looking at the dates on the individual responses when I commented. 


I sincerely apologize, that was my bad. Please feel free to delete if you're a moderator. 
