Simple Input
Using three input types, Firewall Auditor can determine if your firewall complies
with 15 PCI DSS 1.2 requirements:
- Zones: Firewall Auditor accepts the definition of your critical
network zones, including the zone where cardholder data is stored and processed,
wireless networks, and the DMZ.
- Services: Firewall Auditor also captures the services that
you’ve justified as necessary between those zones.
- Configuration: once defined, the zones and services are
evaluated against a firewall configuration that you provide. The results of this
evaluation are provided in a single report that explains the compliance status
of your firewall.
Powerful, Detailed Results
For each requirement, the PCI Compliance Report explains whether the firewall
configuration passed or failed the requirement. When the configuration fails a
requirement, the report provides a detailed accounting of the configuration
elements that caused the failure.
For instance, requirement 1.1.5b requires that only those services necessary for
cardholder transactions be allowed. Firewall Auditor assesses the services that
the configuration permits between the external network and the DMZ. If the
configuration permits any service that should not be allowed between those zones,
the configuration fails that requirement, and the report lists every rule and
service that caused the failure.
See an example report.
Firewall Auditor can greatly reduce the time spent on firewall assessment by automating it.
There are, however, other significant requirements that you can meet by using firewall
management and analysis tools like Secure Passage's FireMon.
Change Management
The very first PCI DSS requirement, 1.1.1, requires that changes to the firewall
configuration be made only after they are approved in a change management process.
FireMon's Policy Planner feature automates firewall rule changes, provides rule
recommendations, and tracks all change requests. Policy Planner is tightly integrated
with FireMon's monitoring and change reporting, allowing a change to be tracked from
the business request through to its technical implementation.
Documentation and Justification
Most PCI DSS requirements state that access allowed to cardholder data should be
understood and justified by the business. FireMon's rule documentation feature is an
interface and repository for documenting and tracking each access rule and its business
justification.
Continuous Assessment
Compliance isn't a one-time goal. Once achieved, new access requests and changing
business requirements can render a firewall non-compliant. With FireMon's automated
PCI assessments, you can schedule continual compliance verification.