Skybox Firewall Assurance (FA)

Skybox® Firewall Assurance provides comprehensive automation of firewall management tasks across different firewall vendors and complex rulesets. It simplifies compliance management, ensuring the state of your network is always in line with security policy design. And Firewall Assurance supports implementation of DISA STIGs and CIS benchmarks. Skybox also helps reduce risk on firewalls themselves, so they can better protect your assets. With config data, OS versions and powerful analytics, Firewall Assurance can spot vulnerabilities on firewall devices. Designed as a complete firewall life cycle management solution, Firewall Assurance empowers you to:

• Analyze virtual and cloud–based firewalls to better control east–west or north–south traffic

• Detect security and compliance problems using out–of–the–box or customized policies

• Track changes for continuous firewall monitoring

• Clean up and optimize firewall rules

• Normalize firewall rulesets for a consistent view across multiple vendors

FIREWALL ASSURANCE BENEFITS

• Identify security policy violations and platform vulnerabilities on your firewalls

• Get change recommendations to fix overly permissive rules through syslog and ACL data analysis

• Analyze how network traffic could flow through a firewall

• Automate firewall management for traditional, next–gen, virtual and cloud–based firewalls

When you’re responsible for keeping your network secure and firewalls compliant and optimized, you need to see how firewall rules and configurations impact your attack surface. Powerful analytics deliver accurate insights on–demand, and automated end–to–end rule life cycle management ensures continuous control of your firewalls. Delivers Continuous Detection of Security Threats and Compliance Risks

• Highlights access policy violations and provides root cause analysis

• Identifies rule conflicts and misconfigurations

• Identifies vulnerabilities on firewalls

• Incorporates compliance metrics and configuration analysis

Supports Next-Generation Firewalls

• Supports next-generation firewall access and rule compliance at the user and application level

• Shows the relationship between IPS signatures and vulnerability occurrences on assets, helping admins configure IPS signatures correctly

Provides Comprehensive Visibility and Reporting

• Gives fast insight to how firewall risks impact your attack surface

• Shows the relation between firewalls and zones on an interactive map

• Automates reporting for firewall ruleset audits

Keeps Firewalls Continuously Optimized

• Imports, combines and normalizes firewall data automatically from multiple vendors

• Automates rule recertification to streamline rulesets and ensure compliance

• Continuously monitors firewalls to eliminate security gaps

• Targets redundant, hidden and obsolete rules for cleanup and optimization