Академический Документы
Профессиональный Документы
Культура Документы
Security Manager
Broker
Bank Database
Internet
Customer
Wire Services
Hacker
Tufin SecureTrack
Security Operations Management
A Comprehensive Approach
Improves security and uptime Increases operational efficiency Optimizes resource utilization Reduces risk and assures business continuity Enables compliance with regulations and standards
Main Benefits
Complete, real-time Change Management Full accountability know who made which changes, and when Test every firewall change against corporate policy Rule Base Optimization & Cleanup Tighten your rule base remove expired & unused rules Business Continuity Management Evaluate business impact of changes to avoid network downtime Risk Management Reduce firewall complexity by simulating the rule base Analyze rules for threats and mis-configurations Auditing & Compliance with regulations and standards Audit configuration against Best Practices and Corporate Policy Automate PCI-DSS auditing Comply with SOX, HIPAA, ISO 17799, Basel II
5
Network Diagram
Stores every change in SecureTracks database Calculates Effective Rule Base for analysis Tests rule changes for policy compliance Sends real-time and scheduled email reports
Transportation
Energy
Health / Pharmaceutical
Others
8
-Company Confidential-
SecureTrack Appliance
SecureTrack Appliance - Industrys First Appliance-Based Firewall Operations Management Solution Simplifies installation and maintenance Single point of contact for support Mid-size and High-end models T-500: Medium to large organizations (~100 Firewalls) T-1000: Large organizations (~500 Firewalls) T-1000 XL: Super-sites (~750 Firewalls) True network appliance look & feel 2 NICs, RAID, Dual Power Supply, Console port Shallow depth (=<20) USB Disk-on-key for recovery Included with every shipping Tufin appliance
10
Each Save or Policy Install creates a separate Policy Revision in SecureTrack List of Monitored Management Servers and Devices
11
Select any pair of revisions and click on Compare to view the graphical diff
New Rule
12
13
Most used rules - may be moved higher to optimize firewall performance Least used rules - may be moved lower to optimize firewall performance
Un-used objects within rules may be removed from rules for lower exposure
Un-used rules may be removed from the policy for better performance and security
14
Policy Analysis
Risk management Determine whether a vulnerability on a certain port is exploitable Business continuity Determine whether business-critical connections are blocked or allowed through your rules base Analyze the firewall rule base for the effective policy What traffic will be accepted by this policy? What rules cause partial or complete shadowing of other rules in the security policy? Supports complex rule features Disabled rules, negated object, groups with exclusion
15
Policy Analysis 2
SecureTracks Policy Analysis queries the effective rule base using the source, destination, service or action. The analysis result is a list of rules that accept the chosen traffic pattern. Policy Analysis can be performed against historical revisions as well (forensics)
16
Compliance Alerts
18
Firewall OS Monitoring
Firewall OS Monitoring Check Point SecurePlatform Configuration management for OS-level changes Route changes, interface changes, etc. Performance Monitoring (MRTG for Firewalls) Health-checking and threshold monitoring Risk Management for OS level changes Business Continuity for the Firewall hardware and OS Easy analysis of potential down-time causes
OS Performance Monitoring
19
20
21
Reporting
Detailed reports enable tight policy control Support manual or scheduled report generation Recurring reports (daily, weekly, monthly) Customizable recipients (per report) Integrated email support for scheduled reports Report profiles saved per-user Different email formats Embedded HTML, PDF or MHT
22
The New Revision Report is sent via email - it contains all changes in graphical format. Can be sent to multiple recipients, on different events (Install Policy, Save Policy, etc).
23
Useful for determining how inconsistent rules were modified (step-by-step) up to the current version. Accountability - clearly displays the Firewall administrator responsible for each change.
24
Additional Reports
Advanced Change Report Displays changes made under certain criteria: Which Management Servers / CMAs Which administrators When the changes occurred Business Ownership Change Report Analyze changes for defined network segments Schedule reports for specific stakeholders Firewall Module Change Report Different modules may have different policies Examine Policy Installations on specific modules Track policy changes on each module
25
26
27
Thank You
Raoul Fondi Italy Country Manager Contacts:
Italy Sales: 0039-335-69-70-762, raoul@tufin.com International Sales: +972-3-612-8118, sales@tufin.com
28