Skip navigation

Geek Speak

1 Post authored by: jacob_beucler

nfsm.png


Wake up Neo…

 

The Matrix has you…


While Neo (aka Thomas Anderson) may indeed be the Wachowskis’ best fictional character ever created. SolarWinds Firewall Security Manager is no work of fiction. It is a great piece of software that makes the challenging job of managing Firewalls much less like staring a screen filled entirely with 0’s and 1’s (or rather .255’s and .192’s) and more like…Something beautiful!


Now it gets weird(er)…let’s assume for this “Exercise” that Neo wrote Firewall Security Manager one night on the Nebuchadnezzar shortly after having taken the red pill and survived a rather shocking awakening…


Enter the Construct: Weapons, Clothes, Ammo, Training programs. While Neo was brushing up on his Drunken Boxing style, Neo chose to use some synthetic packets to determine the network exposures on the layer 3 devices running in the Nebuchadnezzar, greatly enhancing his ability to retain everything he learned during his 10 hour Kung Fu infusion.


Enter the Sparring Program: Hitting Morpheus became much easier after Neo recalled that FSM easily integrates with NCM, thusly providing a transparent view into Morpheus’s seeming superior network configuration…


Enter the Jump Program: letting go of fear, doubt and disbelief…”Whoa” seems an appropriate response, now let’s assume Neo had already run a Security Audit report on the firewall that was gating the Jump Program, clearly Neo would have learned about the incorrectly mapped NATed addresses that interestingly enough, cause everybody to fall the first time…


Search and Destroy: Inside the “real” world the Sentinels do one thing… Search and Destroy, Tank desperately needed to have a clear understanding of how the sentinels’ traffic is controlled by security rules. Tank should have known that FSM assumes a “Perimeter” firewall by creating Zone Definitions Preferences…thank goodness all they had to do was power down and hold their breath…


Inside the Matrix, they are the gate keepers: The Agents are everywhere; it’s likely that when Cypher chose to open a direct line to the location of “The Oracle”, Agent Smith had run a Traffic Flow Compare on the open line in order to see if any traffic had been added or deleted as the result of a rule change.


I can only show you the door, you have to walk through it:  The Oracle is clearly well informed about her Security Audit Reports, she very safely determines if dangerous services are allowed from the DMZ to the internal Zone, breaking a vase apparently doesn’t qualify.  Mmmm those cookies do smell good.


There is no Spoon: Clearly the child has been cheating and has recently run a Cleanup and Optimization Report, identifying unused and structurally redundant rules, thusly allow him to trick Neo into thinking that a taking a different perspective was actually going to do a darned thing.


They’re in the walls: Unfortunately, even the Agents knew way in advance that the last rule in your firewall configuration should deny all unmatched traffic. Apoc and Switch could have benefited from that information.


You are a plague, and we are the cure: Even Agent Smith wants to be free, perhaps he overlooked the fact that all PCI controls that address firewall policies are able to be evaluated by FSM


Dodge This: Well said Trinity, FSM supports firewalls and Layer 3 Network Devices. Comes in SUPER handy when you need to learn how to fly a chopper in .25 seconds…Perhaps FSM is “The One”. I dare say that with FSM in place, you too can begin to believe…that managing your firewall can be done efficiently, effectively and with unexpected simplicity.


Thanks for the read folks, be sure to check out the FSM Demo to see it in action!

Filter Blog

By date: By tag: