
Attacks/Breaches

11/15/2010 05:10 PM
Dark Reading
Products and Releases

Athena Security Debuts New Firewall Rule Tracker

Athena is offering the Rule Tracker to end users looking to comply with PCI DSS 1.1.5 and NERC R2.2

CHICAGO, November 15, 2010 – Athena Security, the developers of Athena FirePAC, a comprehensive enterprise firewall audit and operations tool, today announced the release of Firewall Rule Tracker, the industry’s only asynchronous documentation solution for recording the reason why specific firewall rules exist in enterprise networks.

While firewalls are widely deployed in more than 97 percent of enterprises today, firewall rulebases have grown at an alarming rate. The knowledge surrounding legacy rules dissipates over time, leaving enterprises with too many risky rules that remain unjustified.

At heart, the system tracks rules based on what the rule does, rather than on its line number in the configuration (which changes every time rules are added or deleted). This is perhaps the biggest reason why documentation is so often inconsistent and incomplete. A textual comparison of the rule before and after it has been modified does not capture the full story, but that is the extent of what most change management systems offer.

One of the ABCs of firewall rule management is to make sure that every rule that pokes a hole in the firewall’s security has been justified by a legitimate business purpose. For example, the average Cisco rulebase contains 1,325 rules, according to researchers from the University of Notre Dame. Multiply the number of rules in a single firewall across enterprises with 10, 50, or more than 100 firewalls, and keeping documentation current becomes a time-consuming and daunting task that is easily trumped by the administrator’s need to resolve more pressing issues, such as troubleshooting network outages.

“Our consulting partners tell us that less than 20 percent of the clients they audit can demonstrate up-to-date and complete documentation,” says Anjali Gurnani, vice president of business development, Athena Security. “It is scary to think that the original reason why certain rules are providing access to critical network systems and confidential data may no longer be known.”

For auditors, especially PCI QSAs, reviewing the documentation for each firewall rule is an ideal place to identify lax security controls, general rulebase neglect and other red flags that trigger the need for further investigation. For companies that wish to correct this deficiency in their security program, Athena’s Rule Tracker offers an easy way to set things right. Unlike elaborate systems that involve months of process re-alignment, Athena’s Rule Tracker recognizes that teams collaborate far more easily with spreadsheets. By using a spreadsheet approach and built-in intelligence to make the system highly user-friendly, Athena’s Rule Tracker is flexible enough to be used in any change process.

Rule Tracker compares two versions of a configuration and immediately identifies what changed, so users can add the missing documentation; that documentation is then automatically retained and available for reporting.
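The two ideas in this release that matter to a practitioner are identifying a rule by its content rather than its position, and diffing two configuration versions by that identity so that justifications survive renumbering. The Python below is an added illustration written for this page, not Athena's code; it assumes a constructed five-field rule syntax (action, protocol, source, destination, port), constructed sample configurations and a constructed change-ticket reference, and it also shows the spreadsheet export/re-import round trip the release describes.

```python
"""Track firewall rules by content identity across configuration versions (illustrative, not Athena's code)."""
from __future__ import annotations

import csv
import hashlib
import io
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str
    proto: str
    src: str
    dst: str
    port: str

    def identity(self) -> str:
        # Content-derived identity: unchanged when rules above it are inserted or deleted,
        # unlike a line number, so documentation attached to it does not go stale.
        canonical = "|".join(f.strip().lower() for f in (self.action, self.proto, self.src, self.dst, self.port))
        return hashlib.sha256(canonical.encode()).hexdigest()[:16]


def parse_rules(text: str) -> list[Rule]:
    """Parse the constructed 'action proto src dst port' syntax; '#' starts a comment."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 5:
            raise ValueError(f"unparseable rule: {line!r}")
        rules.append(Rule(*parts))
    return rules


def diff_rules(old: list[Rule], new: list[Rule]) -> dict[str, list[Rule]]:
    """Added and removed rules by identity, ignoring position changes."""
    old_ids = {r.identity(): r for r in old}
    new_ids = {r.identity(): r for r in new}
    return {
        "added": [r for i, r in new_ids.items() if i not in old_ids],
        "removed": [r for i, r in old_ids.items() if i not in new_ids],
    }


def moved_rules(old: list[Rule], new: list[Rule]) -> dict[str, tuple[int, int]]:
    """Rules that survived but changed line number; a textual diff would wrongly report these as changes."""
    old_pos = {r.identity(): n for n, r in enumerate(old, 1)}
    new_pos = {r.identity(): n for n, r in enumerate(new, 1)}
    return {i: (old_pos[i], new_pos[i]) for i in old_pos if i in new_pos and old_pos[i] != new_pos[i]}


def undocumented(rules: list[Rule], justifications: dict[str, str]) -> list[Rule]:
    """Rules with no retained business justification: the audit red flags."""
    return [r for r in rules if r.identity() not in justifications]


def export_csv(rules: list[Rule], justifications: dict[str, str]) -> str:
    """Spreadsheet report for stakeholders; blank justification cells are the ones to fill in."""
    buf = io.StringIO()
    w = csv.writer(buf)
    w.writerow(["rule_id", "action", "proto", "src", "dst", "port", "justification"])
    for r in rules:
        w.writerow([r.identity(), r.action, r.proto, r.src, r.dst, r.port, justifications.get(r.identity(), "")])
    return buf.getvalue()


def import_csv(text: str) -> dict[str, str]:
    """Re-import a filled-in spreadsheet; rows left blank stay undocumented."""
    return {row["rule_id"]: row["justification"].strip()
            for row in csv.DictReader(io.StringIO(text)) if row["justification"].strip()}


# Constructed sample configurations (not from any real device).
OLD_CONFIG = """
permit tcp 10.1.0.0/16 192.168.5.10 443   # web tier to app tier
permit tcp 10.2.0.0/16 192.168.5.20 1433  # reporting to SQL
deny   ip  any          any          any
"""
NEW_CONFIG = """
permit tcp 10.9.0.0/24 192.168.5.10 22    # inserted at top, pushes every other rule down a line
permit tcp 10.1.0.0/16 192.168.5.10 443
deny   ip  any          any          any
"""
# Constructed justification store keyed by rule identity; the ticket id is a placeholder.
JUSTIFICATIONS = {parse_rules(OLD_CONFIG)[0].identity(): "CHG-EXAMPLE-1042: web tier to app tier HTTPS, owner: app team"}

if __name__ == "__main__":
    old, new = parse_rules(OLD_CONFIG), parse_rules(NEW_CONFIG)
    print("diff:", diff_rules(old, new))
    print("moved (old line, new line):", moved_rules(old, new))
    print("undocumented:", undocumented(new, JUSTIFICATIONS))
    print(export_csv(new, JUSTIFICATIONS))
```

The 443 rule moves from line 1 to line 2 between the two versions, yet its identity, and therefore its justification, carries over untouched; only the new SSH rule and the final deny show up as undocumented, and the 1433 rule is reported as removed rather than silently forgotten.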

What Athena accomplishes for organizations is a convenient and simple way to certify what access is acceptable throughout the rule’s lifecycle. The benefits of using the Rule Tracker to facilitate documentation are:

* Device connections are not required to identify rule changes
* Business justification history is retained in-system, so users can isolate missing information and add it incrementally
* Users can generate spreadsheet reports, share with other stakeholders, and re-import documentation changes to the database
* Support for mixed vendor network environments including Cisco, Check Point and Netscreen firewalls

Athena is offering the Rule Tracker to end users looking to comply with PCI DSS 1.1.5 and NERC R2.2, or for internal documentation and security reporting purposes. While the system is designed to keep documentation current on a perpetual basis, consultants will also find the tool a handy way to bring clients up-to-date on regularly scheduled intervals.

The Athena Firewall Rule Tracker is available immediately as a standalone tool and also as an add-on solution to its FirePAC product. Pricing starts at $250/firewall. For more information, please see http://www.athenasecurity.net/index.html.

About Athena Security

Athena offers infrastructure analysis tools that identify the precise relationship between firewall rules and network services in a single device or across a complex network. With a comprehensive focus on configuration data, Athena helps network and security engineers perform a "what-if" analysis that reduces the reliance on diagnostics and validation by ad hoc testing. Over 300 companies turn to Athena products, Athena FirePAC and Athena Verify, for standardized and consistent automation and intelligence to reduce the time and effort required for policy management on network security devices. For more information see http://www.athenasecurity.net.

Media Contact:

Anjali Gurnani
Athena Security
Phone: 630-629-0600 x21
[email protected]

Dan Chmielewski
Madison Alexander PR for Athena Security
Phone: 714-832-8716
[email protected]
