Firewall Auditing

Lancope’s StealthWatch® System is the leading Network Behavior Analysis solution worldwide. Delivering visibility across physical and virtual networks, StealthWatch eliminates network blind spots and reduces total network and security management costs.

Firewalls have long been a necessary means for reducing the attack surface for Enterprises and end users alike. When properly configured, they can be very effective. However, configured rules and actual traffic don’t always map to one another. As well, fat fingered firewall rules are an ever present danger. Much attention is given to software operating system vulnerabilities, yet misconfigurations represent another means of weakening the enterprise’s security stature.

Having a means of monitoring actual traffic, ports and services included, provides a convenient and effective means of auditing the current firewalls configurations to ensure that actual traffic adheres to security policies. In fact, PCI compliance emphasizes the importance of such proper configurations through insisting that corporations shut down ports and services not necessary for normal business operations.

By monitoring and profiling all services and ports on the network, StealthWatch delivers unified visibility across physical and virtual networks that:

• Enables scenario analysis of firewall changes before implementing as a risk free means of verifying and /or measuring the impact of such changes without adversely affecting the end user network experience

• Provides a network wide view of traffic composition enabling you to see at a glance which services are in use and how much bandwidth each consumes

• Confirms ports and services necessary for normal business operations

• Highlights those ports and services that may have been overlooked

• Alarms on out of profile and unauthorized access conditions

• Mitigates (optional) violations to firewall configuration policy