Compliance Auditing and Integrity Check
Synapsa Auditor consists of three parts, which allow operators to have complete control over the configuration and compliance with your standards or any industry benchmark.
The “allow and forget” approach is not secure. There is a need to constantly monitor the integrity of the configuration and to make sure there is no hidden, forgotten or even purposely configured part, which could make you vulnerable.
How does it work?
Note: Panorama is not needed, Synapsa is connecting directly to firewalls and checking effective configuration.
Ruleset audit
Synapsa Auditor is capable of real-time audit over your security rulebase, making sure that there are no misconfigurations, dangerous rules, widely open policies or that you are not blocking any critical traffic such as management or monitoring.
Compliance audit examples
- Check if every policy has the correct logging
- No dangerous applications are allowed
- Syslog/SNMP/Monitoring traffic is not blocked by a rule
- No wide open subnets or services
- Any other custom audit rule based on specific requirements
Integrity check
Synapsa Auditor allows operators to guard literally any part of the configuration, whether it's matching corporate approved standards, and if there is no malicious config item or parameter which opens doors to the organization. It allows checking the CIS Benchmark requirements in real-time and without hassle.
Integrity check examples
- Check local administrators, to make sure there are only the approved ones, and no others
- Check the authentication sequence, LDAP, RADIUS servers, to make sure nobody changed the authentication sequence
- Check security policies, to make sure that no objects have hidden ports
- Check password complexity, certificates, management profiles, snmp, allowed IPs and other complex checks
- Guard critical policies to make sure they haven't been touched and are still consistent with the state they were in when they were approved upon deployment
CVE monitoring
Synapsa Auditor constantly monitors the current operating system running on firewalls and other network assets using the official vendor security advisories, which provides accurate and up to date information about the vulnerabilities you are facing. There is complete information about the severity of the vulnerability, how to fix it or apply possible workaround, just one click away.
Reporting and Alerting
You get a complete overview of the current compliance status in the dashboard widgets, either aggregated for all the monitored devices, or individually for each asset. Synapsa Auditor exports the findings to 3rd party monitoring and management tools, and is able to automatically fix violations to the security policy. Security or network operators can easily spot when exactly a violation has occurred, which device caused it, and take immediate action without leaving the organization vulnerable to exploits.
Would you like to discover more?
Synapsa Auditor - Built in integrations
- Next Generation Firewall
- Predefined API calls for automated threat mitigation, incident respons, and firewall policy auditing
- Custom, miner-based and built-in data feeds to use external dynamic lists (EDL) for policy management and enforcement
- Fully automated or semi-automated rulesets deployment
- CVEs monitoring and alerting
- Next Generation Firewall with management server
- Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
- Custom, miner-based and built-in data feeds to use external dymanic lists for policy management and enforcement
- Fully automated or semi-automated rulesets deployment
- Next Generation Firewall - Fortigates and Forti Manager
- Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
- Custom, miner-based and built-in data feeds to use external dymanic lists for policy management and enforcement
- Fully automated or semi-automated rulesets deployment
