Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

1/14/2009
02:24 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Athena Security Rolls Out FirePAC 2.0 Firewall Policy Analysis Solution

Available to network engineers as a free Internet download

January 14, 2009, Lisle IL, Athena Security, the leader in sophisticated yet affordable products for reducing the cost to manage and understand complex firewalls, announced today the general availability of Athena FirePAC 2.0. FirePAC is easy to use, downloadable and cost effective software for troubleshooting service availability, hardening the firewall against security risks, predicting the impact of ACL rule changes, and cleaning up unruly rulebases. For as little as $399 per firewall, companies of any size can instantly generate FirePAC's full set of detailed reports for Cisco (PIX and ASA), Checkpoint or Netscreen firewalls.

With growing business consolidation and spending cutbacks, companies are faced with limited resources for ensuring the best firewall security posture. Now engineers can turn to Athena FirePAC to significantly improve investments in existing infrastructure. FirePAC 2.0 offers consistent, verifiable assessment results for ensuring a well-designed security policy that works to provide access to internal networks from authorized sources, while correctly preventing unauthorized access.

Gregory Nicozisis, Senior Security Architect at 99 Only Stores, a billion dollar publicly held retailer based in Texas says, "When compared to the other tools I have evaluated, there is no comparison for the reports, price and functionality. Athena FirePAC provided proof of compliance through a third party tool. Further, excellent granular detail of firewall configurations provided 'beyond' PCI compliance by enhanced security modifications. When I recommend FirePAC to friends, I simply tell them 'It's great, cheap and works!"

New features in FirePAC 2.0 include:

PCI DSS V1.2 analysis to determine compliance to the firewall related PCI requirements in a single convenient report. This report contains a list of control items as well as customized policy calculations to verify that the firewall is configured to keep credit card data secure.

A list of the ACL rules that are responsible for the highest number of security exposures in the configuration. Designated as "culprit rules", this list can be used for pinpointing priority rule changes.

New user interface designed to work for any skill level. Working with FirePAC does not require any training or technical skill. Installation takes minutes, and with two very simple steps, users can generate a complete assessment.

Over 120 security policy checks. Taken from the industry's most notable authorities on network security, this comprehensive library immediately transforms any firewall from complex to simple.

Audit friendly data collection that is also safe to use. FirePAC uses no active connections to the device by performing static analysis on a configuration file.

FirePAC still has the other same great benefits. The policy query capability allows users to bound the analysis to answer specific questions for debugging the policies and pinpointing rule changes for remediation purposes.

FirePAC's policy comparison feature shows the impact of rule changes to the overall behavior of the firewall. It is used to model the effect of a change before it is deployed to the network, or after, to verify that the rules implement a given security policy correctly. This feature goes way beyond a text difference of two configuration versions. It reveals how ACL changes can ripple across the firewall to cause unexpected differences in policy.

Over 300 companies are using FirePAC to tighten the policies on their firewalls so they can drive down management costs and do more with less. FirePAC 2.0 is immediately available as licensed software or through the Athena ReportZone service. Existing customers can upgrade for no additional charge.

For more information, please see http://www.athenasecurity.net or contact the Athena Security sales department at 630-353-1900.

About Athena Security Athena provides comprehensive analysis tools for managing and simplifying firewall configuration complexity. We make this possible by revealing the precise relationship between firewall rules and network services in a single device or across an entire network. Developed to address the operational needs of network engineers, Athena's products provide safe, offline analysis with the strength, attention to detail, scale and flexibility necessitated by companies of all sizes. For more information, please see http://www.athenasecurity.net. ### Media Contact: Anjali Gurnani Athena Security Phone: 630-353-1900 x21 [email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21392
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addre...
CVE-2021-21393
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-29429
PUBLISHED: 2021-04-12
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded in...
CVE-2021-21394
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-22497
PUBLISHED: 2021-04-12
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.