Skybox® CertiFire

Classic Features

• Find shadowed, redundant, and unused rules
• Discover access compliance violations, based on custom policies or industry standards
• Delivers out-of-the-box best practice policies based on NIST and PCI DSS standards
• Analyzes root-causes of policy violations
• Provides comprehensive lifecycle management of violations and exceptions
• Creates audit reports and compliance metrics
• Follows PCI DSS v1.2 Requirement 1 and PCI check list
• Supports Check Point, Cisco, Fortinet, and Juniper firewalls

anaging a handful of firewalls was proving to be a time-consuming headache for this non-profit organization.  Concerned about the time drain on skilled IT resources, they were looking for an easy solution to cut the time and expense of maintaining firewalls and auditing for PCI compliance.   In just a few minutes, firewall administrators downloaded a fully-operational trial version from the Skybox website (link), configured firewall data collection using the step-by-step wizard, and delivered a firewall audits report.

Step 1 – Collect. Skybox CertiFire™ automatically collects firewall configuration data, log files, and corporate security policies.  A normalized firewall configuration repository is created, allowing fast and consistent evaluation of different firewalls. Configurations may be entered manually or collected automatically from existing configuration repositories.

Step 2 – Analyze. CertiFire correlates firewall configuration and policy data with industry standards and firewall management best practices.  Security and compliance gaps are identified and prioritized to show firewall administrators the areas of greatest concern. 

Step 3 – Report and Act. Firewall administrators can quickly generate a list of firewall misconfigurations and ruleset issues, and feed information into a trouble ticketing system for fast remediation.