An affordable, easy to use and install, firewall analysis tool with three essential must-have capabilities for every network engineer.
The Athena FirePac was designed to be an affordable, easy to use and install, firewall analysis tool with three essential must-have capabilities for every network engineer.
Following devices are supported:
– Cisco PIX
– Checkpoint FW-1
FirePAC provides comprehensive firewall analysis with three essential must-have capabilities for every network engineer.
Three types of report are generated using Athena FirePAC:
– The comprehensive report includes report based on packet filtering ACLs, routing tables, and NATs. It will also evaluate the policies against industry best practices
– The Rule Conflict Report identifies rule conflicts in firewalls by identifying redundant, correlated, generalized and shadowed rules
– The policy query report analyzes the firewall policy. It is possible to query the policy for a specific address space. The policy diff report compares the firewall policy between two configurations.
Policy Analysis – a remarkably straightforward way to understand all the services allowed to, from or through a device.
Our comprehensive policy analysis is based on any combination of source, destination, service, or interface. Using the configuration file for input, FirePAC generates reports based on packet filtering ACLs, routing tables, and NATs. It details the specific configuration rules that give rise to any specific policy. It will also evaluate the polices against industry best practices so that zeroing in on the root cause of problems becomes a cinch.
Anomaly Detection – the industry’s most thorough display of duplicated/unneeded rules for cleaning-up firewall rule sets.
Athena is an expert at inferring higher level policies from firewall rules. We use this ability to provide the most accurate and complete detection of redundant and covered rules that have no effect on packet accept or deny policies because there are other rules or combinations of rules that achieve the same thing. This analysis is provided as a report that fully displays all the rules and also provides the rule or line number for easy reference.
Compare Policies – An elegant and concise presentation of added or dropped services resulting from a configuration change.
This report shows just enough of what you need and nothing you don’t. It only lists the changes, grouped by output interface and service, correlated to the actual impact. Comparing policies, rather than configurations, is the most clear-cut way to understand what is happening on a firewall. Use it before a change is committed, or after, to verify that the rules implement a given security policy correctly.
· Cisco PIX
· Checkpoint FW-1
· Java Runtime Environment (JRE) 5.0 and 6.0
· Microsoft Internet Explorer 6.0 SP1 (or later)
· Firefox 2.0 (or later)
· PDF reader for reading HTML/PDF reports
· Intel Pentium-compatible 2 GHz or faster
· 2 GB memory (RAM).
· 1 GB of drive space (and 5GB of temp space, up to 25MB of disk space for each firewall reports).
· The known issues in this release follow. Where applicable, they are categorized by
· Device Adapter type:
· Implicit rules cannot be traced back to original configuration for devices
· other than checkpoint.
· Same route rules with preference are not handled in the parsing of
· CiscoPIX dynamic routes.
· NSM Configurations for Netscreen firewalls are not supported.
· On Windows 2000, GDI+ library must be installed for better quality
· graphics30 days trial
· Nag Screen
What’s New in This Release: [ read full changelog ]
This release contains the following new features:
· Major Performance improvement using Query Based Algorithm.
· Support for Multiple Contexts in Cisco ASA Device. Shared interfaces.
Please comments and give ratings. You may also report of broken or incorrect link using comments box below. Thanks!