Analytics
5/27/2009
02:17 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Secure Passage Offers Free Firewall Auditing Tool For PCI

Firewall Auditor 1.0 helps sysadmins evaluate firewall configurations, policies, and rules for security and compliance

OVERLAND PARK, KS — May 27, 2009 — Secure Passage, the leading supplier of firewall policy, risk and compliance management solutions, today announced Secure Passage Firewall Auditor, an application that enables IT administrators to quickly and easily evaluate firewall configurations, policies and rules for security and compliance. The company is making Secure Passage Firewall Auditor freely available for evaluating firewall compliance with the Payment Card Industry Data Security Standards (PCI DSS). Using the Firewall Auditor, IT security administrators will be able to quickly and easily import configuration data into the application and generate a comprehensive and accurate report that will enable them to evaluate configurations against the PCI DSS and take steps to remediate non-compliant configurations.

"Firewall configurations are so complex that attempting to evaluate them manually for compliance and remediation is all but impossible," said Jody Brazil, Secure Passage President and CTO. "Secure Passage Firewall Auditor will bring much needed relief to IT administrators charged with not only making sure that firewalls are secure and compliant but also with countless other tasks that contribute to complicated network environments."

The Microsoft Windows client application is the first solution of its kind available to IT security market. It is based on the firewall management and compliance industry's leading solution, FireMon, but does not require FireMon to be installed to operate.

With Secure Passage Firewall Auditor, firewall administrators can quickly and easily:

  • Retrieve and import firewall configurations from Check Point, Cisco and Juniper firewalls
  • Inspect configurations for non-compliance with major industry and government regulations
  • Produce accurate reports that display where and why rules and policies are non-compliant
  • Take steps to remediate non-compliant configurations

    With Secure Passage Firewall Auditor's PCI DSS report template, IT administrators can quickly and easily:

  • Evaluate 15 PCI DSS requirements from sections 1, 2 and 6, including: 1.1.5, which requires an assessment of the network services that the firewall policy permits to and from the PCI network segment; 1.2.1, which requires an assessment of the interaction between all wireless networks and the PCI network segment; and 2.3.0, which requires an assessment of administrative access into PCI systems, ensuring that appropriate encrypted access is enforced
  • Specify key input criteria to customize the audit to their organizations own, unique environment

    Availability Secure Passage Firewall Auditor 1.0 will be generally available during the second quarter of 2009.

    Secure Passage Social Media Links Follow Secure Passage on Twitter: @SecurePassage Join Secure Passage on Facebook: http://www.facebook.com/home.php#/group.php?gid=89462499187&ref=ts Join Secure Passage on LinkedIn: http://www.linkedin.com/companies/secure-passage?trk=co_search_results&goback=.cps_1243381578298_1

    About Secure Passage Secure Passage is the leading provider of firewall policy, risk, and compliance management solutions that simplify and automate the analysis of Configuration and Change Management processes to enhance security, optimize performance, and speed compliance reporting. The company's flagship product, FireMon, analyzes changes and performs audits in real-time, simplifies policy management, and enforces configuration governance across firewalls, switches, routers and other network devices. FireMon is the only solution on the market that can be customized to meet the unique audit and compliance reporting requirements for networks of all sizes while enabling IT organizations to do more with less effort. Enterprise strength deployments of FireMon around the world support more than 25,000 security devices from vendors such as Cisco, Juniper, Checkpoint, and McAfee. For more information, visit www.securepassage.com.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    White Papers
    Flash Poll
    Current Issue
    Cartoon
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2014-0607
    Published: 2014-07-24
    Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

    CVE-2014-1419
    Published: 2014-07-24
    Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

    CVE-2014-2360
    Published: 2014-07-24
    OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

    CVE-2014-2361
    Published: 2014-07-24
    OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

    CVE-2014-2362
    Published: 2014-07-24
    OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

    Best of the Web
    Dark Reading Radio
    Archived Dark Reading Radio
    Sara Peters hosts a conversation on Botnets and those who fight them.