Lumeta Firewall Analyzer Provides Comprehensive Firewall Auditing

Lumeta Corp. introduced its Firewall Analyzer service. The ASP assists CIOs, CFOs and network administrators in gaining precise knowledge of a firewall's perimeter.

Firewall Analyzer provides an offline analysis of firewall security policies, delivering an assessment of the vulnerability of an enterprise network from both the outside in and the inside out. The service is based on packet algorithms developed by Bell Labs, which can simulate "every possible packet the firewall would ever see," according to Avishai Wool, Lumeta's chief scientist.

Before changing the rules on a production firewall, network managers can test "what-if" scenarios with Firewall Analyzer to determine what those rules would actually permit or block. The total number of possible combinations of source and destination IP addresses, port numbers and protocols is 2 to the power of 104, so Wool says, "it's impossible to try all of them." Rather, Firewall Analyzer's algorithms look at the rules on the firewall and are able to process large chunks of the combination space at once.
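The idea of reasoning over chunks of the combination space rather than over individual packets can be shown in a small Python sketch. This is an added illustration, not Lumeta's code or the Bell Labs algorithm; it assumes a constructed four-rule policy with first-match semantics, a toy address space of integers 0..255, and a hypothetical "what-if" query of all TCP traffic to one host.

```python
from itertools import product
from math import prod

# Packet-space dimensions; every range is an inclusive (lo, hi) integer pair, with
# addresses as plain integers in a toy 0..255 space to keep the demo readable.
DIMS = ("src", "dst", "dport", "proto")
# Constructed sample policy, evaluated first-match like a PIX or Check Point rule base.
# Rule 3 is deliberately shadowed: rule 2 already accepts everything it would match.
RULES = [
    {"action": "allow", "src": (0, 255),   "dst": (10, 10), "dport": (80, 80),    "proto": (6, 6)},
    {"action": "deny",  "src": (0, 255),   "dst": (0, 255), "dport": (23, 23),    "proto": (6, 6)},
    {"action": "allow", "src": (100, 199), "dst": (0, 255), "dport": (0, 65535),  "proto": (6, 6)},
    {"action": "allow", "src": (150, 150), "dst": (10, 10), "dport": (22, 22),    "proto": (6, 6)},
]

def cells(rules, box):
    """Cut the query box along every rule boundary. All packets inside one resulting cell
    match exactly the same rules, so each cell is one chunk of the space evaluated once."""
    axes = []
    for d in DIMS:
        lo, hi = box[d]
        cuts = {lo, hi + 1}
        for r in rules:
            cuts.update(c for c in (r[d][0], r[d][1] + 1) if lo <= c <= hi + 1)
        s = sorted(cuts)
        axes.append([(a, b - 1) for a, b in zip(s, s[1:])])
    return product(*axes)

def first_match(rules, cell):
    """Index of the first rule covering the cell; None means the implicit default deny."""
    for i, r in enumerate(rules):
        if all(r[d][0] <= c[0] and c[1] <= r[d][1] for d, c in zip(DIMS, cell)):
            return i
    return None

def analyze(rules, box):
    """Map each rule index (or None) to the number of packets in the box it decides."""
    hits = {}
    for cell in cells(rules, box):
        i = first_match(rules, cell)
        hits[i] = hits.get(i, 0) + prod(hi - lo + 1 for lo, hi in cell)
    return hits

def shadowed(rules):
    """Rules no packet ever reaches: analyzing a rule's own box never lands on it."""
    return [i for i, r in enumerate(rules) if i not in analyze(rules, r)]

# What-if query: every TCP packet from anywhere to host 10, answered offline from the policy.
QUERY = {"src": (0, 255), "dst": (10, 10), "dport": (0, 65535), "proto": (6, 6)}
HITS = analyze(RULES, QUERY)  # {0: 256, 1: 256, 2: 6553400, None: 10223304}; rule 3 absent
```

The query box holds 2^24 packets but is settled by evaluating only 30 cells, and the same partitioning exposes rule 3 as unreachable, the kind of finding a policy audit drills into.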

Firewall Analyzer's ASP model allows Lumeta to analyze the network offline. This enables a security audit without interfering with the network's operations. The client collects the policy files from the firewall and sends them via encrypted e-mail to Lumeta's servers. Secure processing of the files takes place at Lumeta's data center, and when the report is finished, it's sent back to the client in HTML format via PGP-encrypted e-mail.

"You can analyze every firewall rule, and by drilling down you can get deeper in detail to find the problem," Wool says.

Firewall Analyzer is currently available for Cisco PIX firewalls and Check Point firewall solutions. The service is available as a single report or in a batch of five over the period of a month. Premium service includes reporting with risk assessment by a Lumeta network specialist.
