Firewall and Boundary Auditing Best Practices
Recently, I had the chance to work with several larger Tenable enterprise customers who were charged with figuring out what the perimeter of their network really looked like.
I showed them how multiple Nessus scanners and Passive Vulnerability Scanners deployed throughout their infrastructure could be leveraged to provide near real-time visibility into every boundary or enclave.
With the rise in popularity of the SANS Consensus Audit Guidelines, which specifically call out "Boundary Monitoring", and the increased number of Tenable federal customers deploying 20+ active and passive scanners to perform CyberScope scanning, I decided to write a best practices paper on how network boundaries can be monitored and understood.
The paper starts out with simple concepts such as comparing what a scanner on the inside of a firewall can find compared to what one on the outside scanning inbound can find. It finishes with how distributed scanning and sniffing can help identify trust relationships and poor firewall rules between enclaves. There is also a lot of great artwork that facilitates understanding of these complex ideas:
The paper is available for a free download here. If you have feedback or want to send me a note about it, feel free to post comments to our Tenable Discussions Forum and reach me on Twitter @RonGula.
Related Articles
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.