Audit and Assurance

Expand all | Collapse all

Free tool for FW rule audit

  • 1.  Free tool for FW rule audit

    Posted 13 Sep, 2019 04:44
    I am looking for free tool for firewall rule audit. Please suggest with pros and cons.

    ------------------------------
    Rajesh Patil
    Senior Vice President - Information Security
    ------------------------------


  • 2.  RE: Free tool for FW rule audit

    Posted 13 Sep, 2019 14:37

    I would first suggest having an understanding of the current FW rules.

    Depending on the environment, look into using Nmap.
    Its a free port scanning tool.  That would be useful in confirming your understanding of the FW rules.

    If you are looking for vulnerability scanners, I would recommend Nessus, you could use a free trial.
    This would pick up on any vulnerabilities and firmware updates that could be applied.

    If looking for QoS or other attributes related to performance, it may depend on the FW vendor to review things like packet handling.

    I would also make sure that you run any scanning tools outside of normal work hours, if ran incorrectly, you could cause an outage!

    Jordan



    ------------------------------
    Jordan Novak
    Senior Security Analyst
    ------------------------------