Analytics
5/27/2009
02:17 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Secure Passage Offers Free Firewall Auditing Tool For PCI

Firewall Auditor 1.0 helps sysadmins evaluate firewall configurations, policies, and rules for security and compliance

OVERLAND PARK, KS — May 27, 2009 — Secure Passage, the leading supplier of firewall policy, risk and compliance management solutions, today announced Secure Passage Firewall Auditor, an application that enables IT administrators to quickly and easily evaluate firewall configurations, policies and rules for security and compliance. The company is making Secure Passage Firewall Auditor freely available for evaluating firewall compliance with the Payment Card Industry Data Security Standards (PCI DSS). Using the Firewall Auditor, IT security administrators will be able to quickly and easily import configuration data into the application and generate a comprehensive and accurate report that will enable them to evaluate configurations against the PCI DSS and take steps to remediate non-compliant configurations.

"Firewall configurations are so complex that attempting to evaluate them manually for compliance and remediation is all but impossible," said Jody Brazil, Secure Passage President and CTO. "Secure Passage Firewall Auditor will bring much needed relief to IT administrators charged with not only making sure that firewalls are secure and compliant but also with countless other tasks that contribute to complicated network environments."

The Microsoft Windows client application is the first solution of its kind available to IT security market. It is based on the firewall management and compliance industry's leading solution, FireMon, but does not require FireMon to be installed to operate.

With Secure Passage Firewall Auditor, firewall administrators can quickly and easily:

  • Retrieve and import firewall configurations from Check Point, Cisco and Juniper firewalls
  • Inspect configurations for non-compliance with major industry and government regulations
  • Produce accurate reports that display where and why rules and policies are non-compliant
  • Take steps to remediate non-compliant configurations

    With Secure Passage Firewall Auditor's PCI DSS report template, IT administrators can quickly and easily:

  • Evaluate 15 PCI DSS requirements from sections 1, 2 and 6, including: 1.1.5, which requires an assessment of the network services that the firewall policy permits to and from the PCI network segment; 1.2.1, which requires an assessment of the interaction between all wireless networks and the PCI network segment; and 2.3.0, which requires an assessment of administrative access into PCI systems, ensuring that appropriate encrypted access is enforced
  • Specify key input criteria to customize the audit to their organizations own, unique environment

    Availability Secure Passage Firewall Auditor 1.0 will be generally available during the second quarter of 2009.

    Secure Passage Social Media Links Follow Secure Passage on Twitter: @SecurePassage Join Secure Passage on Facebook: http://www.facebook.com/home.php#/group.php?gid=89462499187&ref=ts Join Secure Passage on LinkedIn: http://www.linkedin.com/companies/secure-passage?trk=co_search_results&goback=.cps_1243381578298_1

    About Secure Passage Secure Passage is the leading provider of firewall policy, risk, and compliance management solutions that simplify and automate the analysis of Configuration and Change Management processes to enhance security, optimize performance, and speed compliance reporting. The company's flagship product, FireMon, analyzes changes and performs audits in real-time, simplifies policy management, and enforces configuration governance across firewalls, switches, routers and other network devices. FireMon is the only solution on the market that can be customized to meet the unique audit and compliance reporting requirements for networks of all sizes while enabling IT organizations to do more with less effort. Enterprise strength deployments of FireMon around the world support more than 25,000 security devices from vendors such as Cisco, Juniper, Checkpoint, and McAfee. For more information, visit www.securepassage.com.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    White Papers
    Flash Poll
    Current Issue
    Cartoon
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2012-6651
    Published: 2014-07-31
    Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_headers.php or (2) minify.php.

    CVE-2014-2970
    Published: 2014-07-31
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139. Reason: This candidate is a duplicate of CVE-2014-5139, and has also been used to refer to an unrelated topic that is currently outside the scope of CVE. This unrelated topic is a LibreSSL code change adding functionality ...

    CVE-2014-3488
    Published: 2014-07-31
    The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

    CVE-2014-3554
    Published: 2014-07-31
    Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement.

    CVE-2014-5171
    Published: 2014-07-31
    SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.

    Best of the Web
    Dark Reading Radio