Skip to content
Partners Support Login Docs Cloud Edition Login Contact Sales
Use Cases + Initiatives
Solutions + Products
Resources
Services + Support
Company
Contact Sales
Use Cases
You have tough cybersecurity problems to solve? We have proven use cases to solve them.
Context-aware change management Rule optimization and clean up Security policy lifecycle management Vulnerability assessment and prioritization Vulnerability discovery Vulnerability reporting and oversight
Initiatives
Cybersecurity initiatives are complex and time-consuming. We help you achieve greater success, faster.
Attack surface management Audit and compliance De-risk IT/OT convergence Secure cloud adoption and migration Security automation Zero trust
De-risk IT/OT convergence
Avoid unplanned downtime with intelligent OT security. Unlock complete attack surface visibility, analytics, and automation across your IT network, OT network, and cloud environments.
Solutions
Security Policy ManagementCollect, normalize, and optimize network and security data for comprehensive visibility, control, and insights. Vulnerability and Threat ManagementUnderstand your true exposure to target vulnerability remediation where it matters most, proactively reducing your risk of a breach.
Products
Firewall AssuranceImprove cyber hygiene and risk management with centralized, optimized firewall management. Change ManagerAutomate change management workflows for comprehensive risk assessments. Network AssuranceGet total visibility and contextual intelligence across complex hybrid networks.
Vulnerability ControlDiscovery vulnerabilities, prioritize based on exposure-based risk scores, and close with prescriptive remediation options. Threat IntelligenceIdentify vulnerabilities and mitigate potential exploits within your hybrid networks.
Security Posture Management Platform Visualize and analyze hybrid, multi-cloud, and OT networks, gaining the full context and understanding of your attack surface. Integrations Our integrations span private cloud, public cloud, SIEM, SOAR, ITSM, and more. We integrate with the major technology ecosystems, security and networking technologies, devices, and OT assets. Cloud Edition Speed deployment, increase scalability, and reduce operational burden with the Security Posture Management Platform delivered as-a-service.

Request pricing

Contact an expert to discuss your current environment and develop a pricing package that is optimized for you.

Learn More

Request a Demo

Share your use case and we’ll take you on a customized, guided demonstration to show how Skybox can help.

Learn More
Cybersecurity Resources
Featured thought leadership, research,
webinars, product materials, and more.
All Resources Briefs Case studies Datasheets Ebooks Infographics Reports Videos Webinars Whitepapers
Industries
Manufacturing Public sector and government Financial services, banking, and insurance Energy and utilities
Topics
Increase cybersecurity budget ROI Eliminate OT security risk Zero in on threats and vulnerabilities that matter Cybersecurity research and thought leadership
View all topics and industries
Cybersecurity solutions for a riskier world
Reduce cyber risk with security posture management
Vulnerability and threat trends report 2022
Cybersecurity risk underestimated by operational technology organizations
Services + Support
We are here to help you every step of the way.
Professional Services
Increase your time to value, optimize your resources, and place your bets on the right use cases.
Technical Support
Things can get tricky from time to time. We offer flexible support service packages based on your needs.
Training
Learn tips and tricks to get the most our of your Skybox products. Optimize workflows, create custom reporting, and reduce errors.
Customer Community

Access the tools, use cases, and best practices you need to deepen your knowledge and maximize your investment.

Login
Why Skybox
Skybox takes the guesswork out of securely enabling your business at scale and speed. We provide the insights and context to make informed security decisions while saving you time and money. Find out what you've been missing.
Company
Learn why we are the global leader in security posture management.
Careers Events History Leadership Research Lab Contact Us
Newsroom
Check out what’s new and noteworthy at Skybox.
Awards Media Coverage Press Releases Cybersecurity Research
Blog
Read our latest insights about market trends, security initiatives, use cases, and more.
Skybox research reveals a perilous threat landscape
Learn how the threat landscape is evolving, with new vulnerabilities, exploits and OT risks. Download the 2022 Skybox Vulnerability and Threat Trends Report.
Return to

Six steps to firewall hygiene with optimized rulesets

Analyze firewall rule sets and automate change management workflows to advance cyber hygiene priorities and reduce risk.

Learn how to:
  • Protect your attack surface by eliminating risky firewall access rules
  • Enhance business agility through firewall rule automation and provisioning
  • Optimize firewall rule planning and strengthen your network security policy
  • Free up personnel time through automated firewall rule analysis
  • Accelerate firewall audit readiness and stay continuously compliant
  • Reduce exposure to new vulnerabilities by leveraging Skybox threat intelligence
  • Enforce continuous policy compliance with clear and intelligible rule sets

“How to review firewall rules” remains a popular topic of debate among security administrators discussing various firewall optimization options. The Skybox Security Posture Management platform solves that problem. It reduces cyber exposure risk exponentially by delivering a concise, manageable, optimized ruleset and automated change management workflows for provisioning firewall rule and object changes. Rule optimization and smart automation are leading firewall rules best practices, especially in industries such as Fin Serv, where periodic rule recertification is mandatory. The ability to de-risk proposed changes against unintentional vulnerability exposure is a unique Skybox differentiator and a critical capability for organizations interested in maintaining a fortified security posture against popular threats such as zero-day DDoS attacks. Skybox rule optimization capabilities extend to cloud firewall solutions and can be used to de-risk firewall deployments.

Identify shadowed, redundant, expired, or disabled rules

Shadowed and redundant rules have their scopes completely covered by other rules with the same action that appear above or below them in the firewall access rules. Because of the way the firewall evaluates traffic, shadowed and redundant rules remain unutilized, creating potential risks during a firewall audit. The Skybox Firewall Assurance module conducts firewall rule analysis to identify shadowed, redundant, administratively disabled, or expired rules.

Identify duplicate or orphaned objects

Duplicate objects introduce complexity in the firewall rule set, as they have the same scope but different unique names. Administrators can eliminate the inconsistency of firewall rules that use duplicate objects by reconfiguring all rules to use one object and deleting the extra objects, using Skybox Firewall Assurance.

Identify unused rules/objects

By analyzing firewall hit counters and traffic logs, Skybox firewall rule analysis software identifies unused rules & objects that can be safely removed from the firewall. Firewalls must be configured to forward the correctly formatted Syslog data to the Skybox Collector, where usage metrics are calculated.

Identify partially used rules/objects, evaluate flows

The Skybox Firewall Assurance module improves network visibility by delineating partial usage of rules and objects. It capturing firewall traffic flows over a period to outline the exact utilization of sources, destinations, and services within a rule or object. Thus, the solution can identify overly permissive rules and objects.

Create tickets for rule/object deletion/modification

Tickets are created in Firewall Assurance for deletion, deactivation, or modification of relevant rules or objects. Administrators can manage the tickets in the Skybox Change Manager module, which can enrich the change management workflow in ServiceNow and other 3rd party ITSMs.

Automated provisioning of rule/object changes on firewalls

Change Manager orchestrates the firewall security changes through integrations with PAN Panorama, Fortinet FortiManager, Check Point Security Management, and Cisco Firewall Management Center. Tickets are closed after the changes are successfully implemented and verified.

Hello! It looks like you may have some browser-security settings in place that block basic web page functions, like the form that should be right here. Please change your browser settings and refresh this page; you can find our privacy and security policies here.

Thank you for your submission!
Download solution brief
Featured resources
Security Posture Management Platform

The Skybox Platform unifies vulnerability management and network security policy management to provide attack surface visibility and context.

Vulnerability and Threat Management

Discovery vulnerabilities, prioritize based on quantified risk scores, and close with optimal remediation.
Security Policy Management

Make security policy management easier, faster, and more effective. Connect, normalize, and optimize data.
Brief
Build a robust IT/OT security approach

Unlock complete attack surface visibility, analytics, and automation across your IT, OT, and hybrid cloud environments with a security posture management platform.
/
Download
Contact Sales