SecureTrack Policy Analysis calculates effective Firewall Policy by taking all possible rule base complexities into account. Enabling easy queries into the rule base, you have the information you need to implement a truly effective policy that suits your organization.

With SecureTrack, Policy Analysis is performed on every Firewall policy change and stored in the SecureTrack database. You can query the most recent rule base or historical rule bases for incident-handling and forensics.

Policy Analysis allows you to:

• Detect whether your rule base is vulnerable to specific attacks
• Calculate how different networks can connect to each other, both explicitly and implicitly
• Reduce the complexity of your rule base and easily visualize its traffic patterns

In a large enterprise, it is next to impossible to manually analyze the effects of your rules on every part of your network. The complex rule base that governs your Firewall has evolved over time depending on changes made by multiple administrators. How can you decipher which changes affect each of the devices? How can you untangle mistakes and ensure smooth management of your Firewalls? Beyond the sheer size of large rule bases, advanced rule base features make it even more difficult to analyze and understand:

• Disabled and expired rules make the rule base difficult to read
• Negated objects cause confusion and unforeseen problems ("all objects except for...")
• Object groups hide individual objects, and require you to manually view each group's contents to fully understand their contents
• Groups with exclusion require precise naming to avoid confusion ("group A minus B")

Even top security professionals need tools in order to efficiently do their job.
SecureTrack Policy Analysis puts the power to manage your Firewalls directly in your hands.