Herding Cats

einsigestern over 10 years ago 2 minute read time

Do you manage firewalls and other network devices? Does it sometimes seem that herding cats would be easier? Well, put away the kibble and fret not. SolarWinds has the solution that will make you say, "This is so easy, I can't believe I'm getting paid to do it." So, before you open another Mountain Dew, check out Firewall Security Manager.

Firewall Security Manager (FSM) is an affordable firewall management product with a features that address key issues in managing, and auditing firewalls. FSM is integrated with SolarWinds Network Configuration Manager (NCM). This means you can import NCM-managed firewalls into FSM. Here is a sample of FSM functionality:

Automated Security Audits - 120-plus customizable checks based on standards from the NSA, NIST, SANS and others.
Firewall Configuration and Log Analysis - Isolate redundant, covered, and unused rules and objects.
Modeling - Report what effect a new rule, or change to an existing rule, will have on your firewall policy, without modifying your production devices.
Change Management - Simplified firewall troubleshooting for your multi-vendor, Layer 3 network devices.

Browse Your Rules and Objects

The FSM Firewall Browser enables you to view and explore security rules, NAT rules, network and service objects, and network interfaces in an easy-to-navigate user interface. You can search for specific rules, objects, and configurations. This makes identifying locations in rule sets that require changes easier than finding that sock your dog stole from the laundry hamper. You can even query firewall behavior to determine traffic flows, and hosts that are exposed to potentially dangerous or risky services.

Redundant=Bad Simplify=Good

FSM enables you to compare different versions of a firewall configuration to determine the disparities. You can compare ACL and NAT rules, network and service objects, and see how the traffic flow differs. Then compare the traffic flows to determine the rule changes responsible for the differences in policy. You can also simplify firewall rule sets and object definitions, identify redundant, covered rules, and analyze log data to determine which rules and objects are not used. Based on the analysis, you can generate scripts to clean up firewall configurations. The Security Audit Report uses security checks based on standard templates or your own customized templates to compare different versions of a firewall configuration to determine how changes to rules or objects affected security.

Is That All There Is?

Fortunately, no. Otherwise I'd have nothing else to write about. But, there is, and I do. So make your mom proud that you chose tech rather than that liberal arts degree, and check back in a week or so for the second installment "Adventures in Network Management."

jkump over 8 years ago

I reinstalled my demo of FSM, and I am in awe of the basic reports that it generates. I am getting ready to migrate to NGFW and I am auditing the current firewall configs. I have been at it for several days and only got to about 20% of what FSM gave me in 10 minutes. I do not have a large number of firewalls but the cost does not look prohibitive for the audit reports that it is generating.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
Jfrazier over 8 years ago

I was not aware of FSM.
Herding cats is almost like herding developers
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
jkump over 8 years ago

I have been using the demo but I seem to be stuck at the fact that some of the reports don't run and I tried some of the auditing. Again, it seemed to just go to not responding. I didn't know if this was a part of the demo that goes away with the full version.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel