skybox notes

skyboxsecurity

Firewall Optimization and Cleanup

• shadowed rules
• redundant rules
• rule usage, unused identified

Firewall Policy Compliance

• out of the box cis benchmarks
• examples: snmp community string violations
• access (rule) policy violations
• example: login services to dmz

Network Visibility and Intelligence

• firewall map
• zones
• validation
• missing hops
• export as image or visio
• access analyzer!! will show which firewalls allow and which deny, identify which devices need rules

Vulnerability Control - Actionable Remediation

• risk = impact x likelyhood
• remediation tickets and tracking

Vulnerability Control -Context-Aware Prioritization