Multi-Vendor Firewall Change Tracker for Network Security Admins
27 October 2020

With the spread of COVID-19 forcing employees to work remotely, organizations’ network and security teams are under unprecedented strain, a direct result of the sudden rise in new access requests from remote employees.

For many IT departments, this means being spread even thinner across the growing complexity and fragmentation of the enterprise network. The upsurge in requests that IT and security managers must handle translates into an increased number of firewall rule changes across datacenters and the cloud. Monitoring and analyzing every change across the complex hybrid IT environment is overwhelming and nearly impossible.

To best support network and security admins, and help global enterprises regain visibility and control of firewall changes, Tufin is offering a new FREE tool, the ‘Firewall Change Tracker’.

The Firewall Change Tracker detects and highlights firewall rule changes. It connects to firewalls and switches from all primary vendors and provides a central console that monitors, displays and compares policy revisions from each device in real time. You can view what has changed, by whom, when, and why.

One of the strengths of this tool is that you can track rule changes for multi-vendor firewall devices, regardless of whether the firewall device is in the cloud or on-premises.

In addition to information about the change that was made, Tufin also collects information about who made the change, when it was made, and whether there’s a comment or a reference associated with it.

The Firewall Change Tracker is based on Tufin Orchestration Suite™ and leverages Tufin’s market-wide integrations with multiple leading firewall vendors and cloud providers. This enables admins to add devices and immediately start detecting changes for all leading firewall devices, including tracking rule changes in AWS Security Groups and Azure Network Security Groups, as well as in VMware NSX Distributed Firewall (DFW) policies and in Cisco ACI contracts.

How to Get Started with Firewall Change Tracker

Firewall Change Tracker is easy to use. You download the tool, deploy the OVA file as instructed, and activate the tool using the activation key in your registration confirmation email. Once you’ve installed the tool, you can start adding devices that you want to monitor and track for policy revision changes.

There’s no expiration date and no limit to the number of users per licensing key, so you can easily share visibility and increase collaboration with your peers.

Get the visibility you need to protect your network

Simplify Change Monitoring and Ensure Accountability

Most regulations and standards demand change monitoring and accountability. With the Firewall Change Tracker, you can generate reports with a comprehensive list of the changes made, and who made them, across vendors and platforms. This ensures compliance with change monitoring mandates, saving valuable time and effort as you prepare for the next audit.

Review Changes to Identify and Fix Misconfigurations

A side-by-side comparison of firewall revisions will help you review changes to identify misconfigurations and fix them. You’ll be able to notice rules that are now overly permissive, or rules that are risky, by visualizing the changes on each rule and object group. Tufin also provides automated analysis for identifying risky access and policy violations (not included in the Firewall Change Tracker).

Find the Change that Broke Connectivity

Firewall admins are often put on the spot when connectivity is broken. In some cases, this is because misconfigurations can lead to service interruptions. When connectivity is broken, firewall and network engineers can search the changes that were made to identify the root cause and fix it. Because changes are retrieved in real time across all firewalls and switches, and all revisions have a time stamp, troubleshooting can be much more efficient. Tufin also provides an accurate network topology map for automated connectivity troubleshooting (not included in the Firewall Change Tracker).

Original article from: Tufin

Post by: siteadmin