|
|
SecureTrack is typically installed on a standalone server-class PC running Redhat Linux (RHEL 3/4 or CentOS 3/4). It monitors changes made in Check Point, Cisco PIX and Juniper/Netscreen Firewalls.
Check Point Monitoring
SecureTrack uses Check Point OPSEC (Open Platform for Security) to track all the changes made by Firewall administrators logged onto a Check Point SmartDashboard or Provider-1 GUI.
Whenever the administrator saves the policy, or installs it on a set of Firewall modules, SecureTrack is immediately notified of the change. A secure OPSEC connection is then used to retrieve the new security policy, which is stored in SecureTrack's internal database.
Firewall OS Monitoring
SecureTrack monitors Check Point enforcement modules (SecurePlatform) for OS level configuration changes. It retrieves the configuration and performance data from each firewall module via SNMP at pre-determined intervals. When a change is detected in the configuration of a monitored firewall, SecureTrack records the configuration change in its database, and creates a new OS configuration revision. OS performance data is maintained in SecureTrack’s database for reporting and health-checking.
In addition, users can define real-time alerts for enforcement modules based on various thresholds (CPU, memory, disk usage, etc). When the selected setting reaches the pre-configured threshold, SecureTrack sends an alert to selected users.
Cisco PIX and Juniper/Netscreen Firewall Monitoring
Cisco PIX and Juniper/Netscreen Firewalls are monitored by periodically logging onto each device via SSH, and fetching the Firewall's configuration. ACLs and Firewall Policies are translated into SecureTrack's native XML rule base format, enabling a graphical rule base view for each device.
These operations occur seamlessly and automatically, without requiring any intervention by the administrator. Once the new policy version is downloaded and stored in the revision database, SecureTrack analyzes the changes made, and sends several types of real-time notifications:
- Detailed email reports
- Syslog messages
- SNMP traps
SecureTrack's policy change reports provide real-time configuration and change management, and integrate with external security management frameworks (e.g., SIM / SOC).
|
|
"IDC sees an accelerated demand for solutions that combine change management, risk and business continuity management along with enterprise helpdesk products integration."
Dan Yachin, Research Director, IDC EMEA Emerging Technologies
"SecureTrack's extensive real-time monitoring and analysis facilities can make light work of firewall change management and security policy compliance."
SC Magazine
"SecureTrack has made a measurable impact on Axpo’s firewall operations and has helped us to reduce service interruptions and network downtime."
David Spale, Axpo
"Compliance and complexity are driving the requirement for better capability in optimizing the existing firewall rules base, and examining the impact of any proposed rule changes."
Greg Young, Gartner
"With Tufin SecureTrack, we are able to provide increased levels of accountability with internal and regulatory compliance requirements."
Victor Hsiang, TransUnion
"Overall, we found SecureTrack a powerful firewall operations management tool that is particularly easy to use."
Network Computing
"The overwhelming majority of breaches at the firewall are from misconfiguration rather than any wily hacking of firewall vulnerabilities."
Greg Young, Gartner
"We are spending much less time manually updating each of our firewalls and can focus our attention on our customers. SecureTrack automation has made our team more efficient."
Bühler Werner, Axpo
|
|
|
 Resources |
|
|
|
|
|
|
|
|
| |
Copyright @ 2003-2008 Tufin Software Technologies Ltd. |
|
Home
Products
