The implications of a firewall configuration error can be severe,
from a security breach to network downtime, or even a network
service interruption. So it is important to analyze the impact of
every change before it is implemented in the production
environment. The same is true for the firewall gateway operating
system, where routine system maintenance can expose vulnerabilities
or even disrupt business.
In addition, you must be able to assess risk and vulnerability
at any given time, for all relevant network security devices. The
challenge is greatest in distributed organizations with multiple
teams. Inevitably, different teams develop their own standards and
working methodologies. To ensure that everybody is successfully
implementing security guidelines, organizations need to implement
automated solutions that can evaluate risk and compliance at all
The Risk Browser enables you to view the individual risk factors
that contribute to your overall Security Risk Score, such as risky
and permissive rules. Risky rules allow traffic between certain
network zones, usually from an insecure zone to a more secure one.
With Network Topology Intelligence, SecureTrack automatically
determines the zones and identifies the risky rules.
A Rich Toolset for Analysis
To manage risk and ensure business continuity, SecureTrack uses
a multi-step approach:
- First, you define your organization's security compliance
policy for mission critical and risky services within SecureTrack.
SecureTrack automatically compares every change that is made to the
firewall configuration and sends out a real-time alert in case of a
violation of the compliance policy. This capability supports
both network layer and next-generation firewalls and works
transparently in heterogeneous environments.
- Before implementing a change, you can use SecureTrack's Security Policy
Analysis to identify possible conflicts or violations. This
proactive risk analysis tool can save hours of painstaking, manual
rule base review. Network topology discovery automatically
identifies the relevant devices in a query and makes it easy to
define zone-based queries. You can also define queries using
next-generation application and user objects.
- The automated Security Risk Report instantly evaluates the
current level of risk and displays your Security Score along with
scoring on a prioritized list of risk factors. The report can be
run at the organizational level or per gateway, and indicates risk
trends in addition to the current state. To determine the Security
Score, the report uses your compliance policies as well as a group
of pre-defined risk factors culled from leading industry