Athena Security Announces Firewall Rule Tracker
Athena Security, the developers of Athena FirePAC, a comprehensive enterprise firewall audit and operations tool, recently announced the release of Firewall Rule Tracker, the industry’s only asynchronous documentation solution for recording the reason why specific firewall rules exist in enterprise networks.
While firewalls are widely deployed in more than 97 percent of enterprises today, firewall rulebases have grown at an alarming rate. The knowledge surrounding legacy rules dissipates over time, leaving enterprises with too many risky rules that remain unjustified.
At heart, the system tracks rules based on what the rule is doing, rather than its line number in the configuration (which changes every time new rules are added or deleted). This is perhaps the biggest reason why documentation is oftentimes inconsistent and incomplete. Performing a textual comparison of the rule before and after it has been modified does not capture the full story, but that is the extent to what is available from most change management systems.
One of the ABC’s of firewall rule management is to make sure that every rule that pokes a hole in the firewall’s security has been justified for a legitimate business purpose. For example, an average Cisco rulebase has an average of 1,325 rules according to researchers from the University of Notre Dame. Multiply the number of rules in a single firewall across enterprises with 10, 50, to more than 100 firewalls and the issue of frequent documentation is both a time consuming and daunting task that is easily trumped by the administrator’s need to resolve more pressing issues, such as troubleshooting network outages.
“Our consulting partners tell us that less than 20 percent of the clients they audit can demonstrate up-to date and complete documentation,” said Anjali Gurnani, vice president of business development, Athena Security. “It is scary to think that the original reason why certain rules are providing access to critical network systems and confidential data may no longer be known.”
For auditors, especially PCI QSAs, reviewing the documentation for each firewall rule is an ideal place to identify lax security controls, general rulebase neglect and other red flags that trigger the need for further investigation. For companies that wish to correct this deficiency in their security program, Athena’s Rule Tracker offers an easy way to set things right. Elaborate systems that involve months of process re-alignment have not failed, but they have failed to catch on. Athena’s Rule Tracker recognizes that teams collaborate far more easily with spreadsheets, and provides the built-in intelligence and an interface that makes management of the data more efficient.
Using a spreadsheet-like interface, Athena’s Rule Tracker compares two versions of a configuration and immediately identifies what changed so users can add missing documentation which is then automatically retained and available for reporting.
The Athena Firewall Rule Tracker is available immediately as a standalone tool and also as an add-on solution to its FirePAC product. For more information, please see http://www.athenasecurity.net/index.html.