Policy and Risk Analysis

The implications of a firewall configuration error can be severe - from a security breach to network downtime, or even a network service interruption. So it is important to analyze the impact of every change before it is implemented in the production environment. The same is true for the firewall gateway operating system, where routine system maintenance can expose vulnerabilities or even disrupt business.

In addition, you must be able to assess risk and vulnerability at any given time - for all relevant network security devices. The challenge is greatest in distributed organizations with multiple teams. Inevitably, different teams develop their own standards and working methodologies. To ensure that everybody is successfully implementing security guidelines, organizations need to implement automated solutions that can evaluate risk and compliance at all times.

Policy Analysis

A Rich Toolset for Analysis

To manage risk and ensure business continuity, SecureTrack uses a multi-step approach:

  • First, you define your organization’s security compliance policy for mission critical and risky services within SecureTrack. SecureTrack automatically compares every change that is made to the firewall configuration and sends out a real-time alert in case of a violation to the compliance policy. This capability is supports both network layer and next-generation firewalls and works transparently in heterogeneous environments.
  • Before implementing a change, you can use SecureTrack’s Security Policy Analysis to identify possible conflicts or violations. This pro-active risk analysis tool can save hours of painstaking, manual rule base review. Network topology discovery automatically identifies the relevant devices in a query and makes it easy to define zone-based queries. You can also define queries using next-generation application and user objects.
  • The automated Security Risk Report instantly evaluates the current level of risk and displays your Security Score along with scoring on a prioritized list of risk factors. The report can be run at the organizational level or per gateway, and indicates risk trends in addition to the current state. To determine the Security Score, the report uses your compliance policies as well as a group of pre-defined risk factors culled from leading industry standards.
Security risk Report
Copyright © 2003-2012 Tufin Software Technologies Ltd.