ISO 27001:2013 Regulatory Mandate deals with the Information Security controls that ensures your network security by monitoring Firewall Configuration Policies, Network Traffic through your perimeter devices and more. Firewall Analyzer helps meeting the requirements of this mandate with its out-of-the-box reports.
Rules |
Description |
How Firewall Analyzer meets requirements |
|---|---|---|
9.2 |
Refer the user accounts and remove unnecessary accounts(if any) |
Firewall Analyzer lists down the users of your firewall with which you can analyze the user accounts and decide on which user account is to be retained and which is to be removed |
9.4 |
Configuring telnet is not advisable, use ssh instead. This will improve security |
Firewall Analyzer provides you the detail of all the Services viz., HTTP, Telnet, SSH and User Access details which helps you to manage your Firewall Access control efficiently by avoiding insecure services for Management Access |
12.4.1 |
Enabling the log information will help you to look for details for every transaction. Keep the logs for 6 months |
Firewall Analyzer enables firewall devices logging and it archives firewall logs that helps you to keep track of every transaction made |
12.4.2 |
Protect your logs by encrypting those while storing it. This prevents unauthorized access |
Firewall Analyzer has the capability to enrypt raw logs that prevents unauthorized access |
12.4.3 |
Know what commands are executed in your firewall, Need to enable admin logs |
Firewall Analyzer provides you out-of-the-box report on all the commands that are executed in your firewall device |
12.4.4 |
Configuring NTP server helps all machines time synchronized |
Firewall Analyzer helps you to know the NTP server configuration details that provides better insights on time synchronization of all machines |
13.1.1 |
Verify that inbound and outbound traffic is limited to that which is necessary for the cardholder data environment, and that the restrictions are documented |
Firewall Analyzer provides you out-of-the-box detailed reports on all the rules that deals with
|
13.1.3 |
Limit inbound Internet traffic to IP addresses within the DMZ |
Firewall Analyzer provides you a detailed report on rules that allows traffic from Untrust zone to your DMZs/Non- DMZs. This helps you to analyze your internal internet traffic and allows you to limit the internet traffic to IP addresses within your perimeter network |
13.1.4 |
Do not allow any direct connections inbound or outbound for traffic between the Internet and the data environment |
Firewall Analyzer's detailed reports on all the rules that is configured to allow traffic from secured data zone to untrust sources, helps you to analyze the inbound/outbound traffic between the internet and the data environment.It also allows you to block the direct network connections if any |
13.1.5 |
Do not allow internal addresses to pass from the Internet into the DMZ. |
Firewall Analyzer provides you the rules report on
These report helps you to block internal addresses to pass from internet to the perimeter network. |
400-660-8680
