I have to perform a health check activity for FireMon Security Manager.
Can you please suggest which tasks I have to do as part of this health check and audit? What are the specific reports I need to pull out to identify the flaws in the configuration and highlight to the client?
Sorry, I don’t have FireMon installed on the stand right now and can’t test this task.
But in most cases the customer wants to see:
Audit
1. Who changed the configuration.
2. Which rules and objects were changed.
3. How the changes affect traffic flows
4. How the changes comply with the security requirements in the organization
Health check
1. CPU load, temperature, HDD health, free space, RAM usage
2. Traffic drops/accepts
3. Traffic spike and outage
4. Important services drops
5. Interfaces, routing health
6. Backup status
For my two cents..
Health check
- Firewall CPU utilization
- Hard disk capacity
- FW rule(s) often used/utilized (can be used as a basis for an appropriate hierarchy of FW policies)
- FW rules not used/no hits, expired policies, objects not used, shadowed rules (a sort of database maintenance)
Audit
- Run a compliance report on the currently enforced policy based on the end-user’s industry (e.g. SOX, PCI-DSS, HIPAA, etc.)
- Run a report to analyse and simulate risks before change implementation
- Run a report for risky and unauthorized connections
- Run a policy package report that can be used as a basis for a much more specific rule implementation
Hi,
Absolutely I could. How does this automation work?
Hi Raveesh! We'd be happy to help you with your health check activity. To help us get a better sense of the environment you are managing, would you mind shooting us an email at customersuccess@firemon.com? We can set up a phone conversation and help you get what you need. Thanks!