Firewall Security Services
A Powerful Solution to Enhance IT Security
Features and Benefits
- Manages multi-vendor firewalls from a single, web-based solution
- Automatically detects and reports changes in firewall configurations
- Monitors the number of firewall connections and alerts staff of capacity issues
- Performs detailed analysis of access control lists (ACLs)
- Ensures the health and availability of firewalls throughout the network
- Provides analysis of firewall rules and rule sets including:
- Rule set identification
- Number of rule hits
- Rule set viewer
- Remote rule testing
Supported Vendors and Products
- Cisco PIX
- Cisco FWSM (Firewall Services Module)
- Cisco ASA 5500 series
- Cisco routers with access control lists (ACLs)
Monitors and Reports Issues with Firewalls and Routers
A well-managed firewall should keep the organization safely protected from malicious activity and attacks. But as the IT organization grows and the network's complexity multiplies, the firewalls, and with them the security of the organization as a whole, come under greater stress and accumulate more vulnerabilities. Without sufficient monitoring and reporting, the firewall itself can become a critical, central weakness in IT security.
The NetMRI Firewall Security Services Module automates the proactive analysis and detection of problems related to firewalls and router access control lists (ACLs). Using its Expert Analysis Engine, NetMRI uncovers and identifies problems based on the firewall's performance, configuration, and rule settings, ensuring that firewalls do what they are designed to do—protect the organization.
Firewall Policy & Change Management
The NetMRI Firewall Module keeps you informed of any change to firewall rules and configuration. As a key troubleshooting tool, NetMRI retrieves and securely archives the configuration of every firewall it manages, so when a change is made the Module can identify who made it and when. In addition, the Module restricts viewing of access lists and device configurations to staff members who have been granted the corresponding rights.
Managing Configuration
NetMRI can compare the configuration currently running on a network device against a set policy, or against previous archived revisions of that device's configuration. This quickly detects any change in firewall configuration and lets the administrator drill down to the details of what changed.
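As an added illustration of the comparison described above (this is example code, not NetMRI's own): the Python below diffs an archived Cisco ASA configuration against the running one and checks the result against a small policy. Both configurations and the policy patterns are constructed for this example, and the set of header and trailer lines treated as volatile is an assumption about ASA `show running-config` output. The practitioner point is the normalization step: without it, the `Cryptochecksum:` and `: Written by` lines make every retrieval look like a change.

```python
"""Change detection for archived vs. running firewall configurations.

Added example, not NetMRI code. The two configurations are constructed
samples in Cisco ASA ``show running-config`` style; the lines treated as
volatile and the policy patterns are assumptions.
"""
import difflib
import re
from typing import Dict, List

# Lines that differ on every save or retrieval (": Saved", ": Written by ...",
# the Cryptochecksum trailer, ": end") and would otherwise be reported as a
# change on every comparison.  Assumed ASA conventions.
VOLATILE = re.compile(r"^(?::\s*(Saved|Written by|end)\b|Cryptochecksum:)")

# Constructed policy: statements a compliant configuration must contain, and
# statements it must not contain (regexes matched against whole lines).
REQUIRED = [r"^logging enable$", r"^aaa authentication ssh console "]
FORBIDDEN = [r"^telnet \S+ \S+ outside$"]

# Constructed archived revision.
BASELINE = """\
: Saved
: Written by admin at 09:12:03.120 UTC Mon Jan 5 2009
ASA Version 8.0(4)
!
hostname fw-edge-1
logging enable
aaa authentication ssh console LOCAL
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq www
access-list OUTSIDE_IN extended deny ip any any
access-group OUTSIDE_IN in interface outside
ssh 10.0.0.0 255.255.255.0 inside
Cryptochecksum:5d41402abc4b2a76b9719d911017c592
: end
"""

# Constructed running configuration: one rule added, logging disabled,
# telnet opened on the outside interface, volatile lines changed.
RUNNING = """\
: Saved
: Written by jdoe at 14:47:51.902 UTC Tue Jan 6 2009
ASA Version 8.0(4)
!
hostname fw-edge-1
aaa authentication ssh console LOCAL
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq www
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq https
access-list OUTSIDE_IN extended deny ip any any
access-group OUTSIDE_IN in interface outside
ssh 10.0.0.0 255.255.255.0 inside
telnet 0.0.0.0 0.0.0.0 outside
Cryptochecksum:8f14e45fceea167a5a36dedd4bea2543
: end
"""


def normalize(config: str) -> List[str]:
    """Drop blank lines, '!' separators and volatile lines so that only
    meaningful statements take part in the comparison."""
    lines = []
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!" or VOLATILE.match(line):
            continue
        lines.append(line)
    return lines


def diff_configs(archived: str, running: str) -> Dict[str, List[str]]:
    """Statements added to and removed from the running configuration
    relative to the archived revision."""
    added, removed = [], []
    for line in difflib.unified_diff(normalize(archived), normalize(running),
                                     lineterm="", n=0):
        if line.startswith(("---", "+++", "@@")):
            continue  # unified-diff headers, not configuration statements
        if line.startswith("+"):
            added.append(line[1:])
        elif line.startswith("-"):
            removed.append(line[1:])
    return {"added": added, "removed": removed}


def check_policy(config: str) -> List[str]:
    """Required statements that are missing plus forbidden ones present."""
    lines = normalize(config)
    problems = []
    for pattern in REQUIRED:
        if not any(re.match(pattern, line) for line in lines):
            problems.append(f"missing required statement: {pattern}")
    for pattern in FORBIDDEN:
        problems.extend(f"forbidden statement present: {line}"
                        for line in lines if re.match(pattern, line))
    return problems


if __name__ == "__main__":
    changes = diff_configs(BASELINE, RUNNING)
    for line in changes["added"]:
        print("+", line)
    for line in changes["removed"]:
        print("-", line)
    for problem in check_policy(RUNNING):
        print("policy:", problem)
```

Run against the two constructed configurations, the diff reports only the three real changes (the added HTTPS rule, the added telnet line, the removed `logging enable`), and the policy check flags the last two of them.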
Monitoring Firewall Connections
Every firewall can track only a limited number of concurrent connections, a limit set by the platform and its license. Idle connections stay in the connection table until they time out, so once the limit is reached users and applications are prevented from making new connections even though the existing ones may be doing nothing. NetMRI monitors the number of connections on each firewall and, when the count exceeds a set threshold, generates an issue on the NetMRI Scorecard. This gives administrators time to act before users or applications are denied access through the firewall.

NetMRI proactively detects and analyzes problems related to firewalls, as well as routers that have access control lists (ACLs).
Firewall Health
NetMRI ensures the ongoing health of your firewall by continuously monitoring the CPU, the memory, any available disk space, interface utilization, interface errors and state changes, routing table, and ARP tables. When an issue arises, the Module notifies administrators with clear, actionable reports.
Rule Set Analysis
NetMRI makes it easy to analyze firewall and router ACL rules by identifying unused rules and rule sets. Rules are easy to add to a rule set but hard to remove: deleting one without careful analysis can break an application that still depends on it or, if it is a deny entry, open a security hole. As a result, firewall and router ACLs tend to grow rather than shrink. The NetMRI Firewall Module automatically checks for rules that have shown no activity over time, helping administrators decide whether they can be deleted.
The Module also checks for rule sets in which no rule has recorded a hit over an extended period. Such a rule set may be an orphan (for example, an ACL that is no longer applied to any interface) and can be removed, simplifying the device configuration and reducing the burden on network administrators. Hit counters are reset when a device reloads or when the counters are cleared, so the judgment should rest on activity observed across an adequately long window rather than on a single reading.
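The hit-count analysis above, as an added example (not NetMRI code): two constructed Cisco ASA `show access-list` snapshots taken some time apart are parsed, rules whose counters did not move in the window are reported as idle, a rule whose counter went backwards is flagged as inconclusive (the device reloaded or the counters were cleared), and an ACL with no movement on any line is reported as an orphan candidate. The snapshot text and the line format the regular expression expects (`access-list NAME line N ... (hitcnt=N) 0x...`) are assumptions about that output.

```python
"""Unused-rule and orphan-rule-set detection from ACL hit counters.

Added example, not NetMRI code. The two snapshots are constructed samples in
Cisco ASA ``show access-list`` style, taken at two points in time; the line
format the parser expects is an assumption about that output.
"""
import re
from typing import Dict, List, Tuple

Key = Tuple[str, int]        # (ACL name, line number)
Entry = Tuple[str, int]      # (rule text, hit count)
Finding = Tuple[str, int, str]

# Matches one ACL entry; summary lines ("access-list NAME; 3 elements ...")
# and the cached-flow header do not contain " line N " and are skipped.
ENTRY = re.compile(r"^access-list (\S+) line (\d+) (.+?) \(hitcnt=(\d+)\)")

# Constructed snapshot taken at the start of the observation window.
EARLIER = """\
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
            alert-interval 300
access-list OUTSIDE_IN; 3 elements; name hash: 0x2a6f1b3c
access-list OUTSIDE_IN line 1 extended permit tcp any host 203.0.113.10 eq www (hitcnt=152340) 0x1b7a9c02
access-list OUTSIDE_IN line 2 extended permit tcp any host 203.0.113.10 eq 8443 (hitcnt=0) 0x5e0d44f1
access-list OUTSIDE_IN line 3 extended deny ip any any (hitcnt=9031) 0x7c21e8aa
access-list LEGACY_DMZ; 2 elements; name hash: 0x9d3e0a71
access-list LEGACY_DMZ line 1 extended permit tcp 10.20.0.0 255.255.0.0 host 203.0.113.50 eq ftp (hitcnt=0) 0x3ba1c5d9
access-list LEGACY_DMZ line 2 extended deny ip any any (hitcnt=0) 0x0f62d7e4
access-list MGMT_IN; 1 elements; name hash: 0x4c8b2e10
access-list MGMT_IN line 1 extended permit tcp 10.0.0.0 255.255.255.0 any eq ssh (hitcnt=500) 0x6a19f3b7
"""

# Constructed snapshot taken at the end of the window.  MGMT_IN's counter
# is lower than before: the device reloaded, so that ACL cannot be judged.
LATER = """\
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
            alert-interval 300
access-list OUTSIDE_IN; 3 elements; name hash: 0x2a6f1b3c
access-list OUTSIDE_IN line 1 extended permit tcp any host 203.0.113.10 eq www (hitcnt=160112) 0x1b7a9c02
access-list OUTSIDE_IN line 2 extended permit tcp any host 203.0.113.10 eq 8443 (hitcnt=0) 0x5e0d44f1
access-list OUTSIDE_IN line 3 extended deny ip any any (hitcnt=9450) 0x7c21e8aa
access-list LEGACY_DMZ; 2 elements; name hash: 0x9d3e0a71
access-list LEGACY_DMZ line 1 extended permit tcp 10.20.0.0 255.255.0.0 host 203.0.113.50 eq ftp (hitcnt=0) 0x3ba1c5d9
access-list LEGACY_DMZ line 2 extended deny ip any any (hitcnt=0) 0x0f62d7e4
access-list MGMT_IN; 1 elements; name hash: 0x4c8b2e10
access-list MGMT_IN line 1 extended permit tcp 10.0.0.0 255.255.255.0 any eq ssh (hitcnt=12) 0x6a19f3b7
"""


def parse_hitcounts(show_output: str) -> Dict[Key, Entry]:
    """Map (ACL, line) -> (rule text, hit count); non-entry lines are ignored."""
    entries: Dict[Key, Entry] = {}
    for raw in show_output.splitlines():
        m = ENTRY.match(raw.strip())
        if m:
            acl, line, rule, hits = m.groups()
            entries[(acl, int(line))] = (rule, int(hits))
    return entries


def idle_rules(earlier: Dict[Key, Entry],
               later: Dict[Key, Entry]) -> Tuple[List[Finding], List[Finding]]:
    """Rules with no new hits between the snapshots, and rules whose counter
    decreased (reload or 'clear' happened: no conclusion can be drawn)."""
    idle: List[Finding] = []
    inconclusive: List[Finding] = []
    for key, (rule, hits_now) in sorted(later.items()):
        if key not in earlier:
            continue  # added after the first snapshot; no baseline yet
        hits_before = earlier[key][1]
        if hits_now < hits_before:
            inconclusive.append((key[0], key[1], rule))
        elif hits_now == hits_before:
            idle.append((key[0], key[1], rule))
    return idle, inconclusive


def orphan_rulesets(earlier: Dict[Key, Entry], later: Dict[Key, Entry]) -> List[str]:
    """ACLs in which every line was idle for the whole window and none was
    affected by a counter reset: candidates for an unbound (orphan) ACL."""
    idle, inconclusive = idle_rules(earlier, later)
    idle_keys = {(acl, line) for acl, line, _ in idle}
    tainted = {acl for acl, _, _ in inconclusive}
    acls = {acl for acl, _ in later}
    return sorted(acl for acl in acls
                  if acl not in tainted
                  and all(key in idle_keys for key in later if key[0] == acl))


if __name__ == "__main__":
    before, after = parse_hitcounts(EARLIER), parse_hitcounts(LATER)
    idle, unsure = idle_rules(before, after)
    for acl, line, rule in idle:
        print(f"idle       {acl} line {line}: {rule}")
    for acl, line, rule in unsure:
        print(f"reset?     {acl} line {line}: {rule}")
    for acl in orphan_rulesets(before, after):
        print(f"orphan ACL {acl}")
```

On the constructed snapshots this reports `OUTSIDE_IN` line 2 and both `LEGACY_DMZ` lines as idle, `MGMT_IN` line 1 as inconclusive because its counter went backwards, and `LEGACY_DMZ` as the only orphan candidate; `OUTSIDE_IN` is not one because its other lines kept accumulating hits. A single snapshot with `hitcnt=0` would have flagged the same rules, but only the two-snapshot form survives a reload between readings.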
Firewall Buffer Monitoring
Cisco firewalls (PIX, ASA 5500, and the Firewall Services Module) use buffers to handle data, and these can be completely consumed during traffic peaks, causing packets to be dropped and performance to suffer. The NetMRI Firewall Module monitors the buffer pools and reports when utilization exceeds thresholds, giving administrators advance notice of impending problems. Often an upgrade to the firewall license or hardware is required; in other cases high buffer utilization may be the result of a denial-of-service attack. Either way, administrators need to be informed so that corrective action can be taken before applications and users are affected.
Firewall Redundancy
To act as a gatekeeper, a firewall must sit at a critical point in the network, so many organizations install redundant hardware to avoid a single point of failure. But unless the primary and backup devices are closely monitored, one of them can fail without the IT staff knowing it. The Firewall Module monitors redundant configurations and identifies any firewall where redundancy has been configured but no active backup is present. This keeps such failures from going unnoticed and goes a long way toward avoiding a more catastrophic network outage.

