Compliance Auditing and Integrity Check

The “allow and forget” approach is not secure. There is a need to constantly monitor the integrity of the configuration and to make sure there is no hidden, forgotten or even purposely configured part, which could make you vulnerable.

How does it work?

Synapsa Auditor calculates an overall security score across all monitored devices, keeping the complete history and showing the timeline of exposure in the dashboards. Security engineers can easily identify when the score increased due to a misconfiguration or a wrongly implemented security policy.

Auditor Scheme

Note: Panorama is not needed; Synapsa connects directly to the firewalls and checks the effective configuration.

Main features

Ruleset audit

Synapsa Auditor audits your security rulebase in real time, making sure that there are no misconfigurations, dangerous rules or widely open policies, and that you are not blocking any critical traffic such as management or monitoring.

Compliance audit examples

  • Check if every policy has the correct logging
  • No dangerous applications are allowed
  • Syslog/SNMP/Monitoring traffic is not blocked by a rule
  • No wide open subnets or services
  • Any other custom audit rule based on specific requirements

Integrity check

Synapsa Auditor allows operators to guard literally any part of the configuration, verifying that it matches corporate-approved standards and that no malicious configuration item or parameter opens doors to the organization. It allows checking the CIS Benchmark requirements in real time and without hassle.

Integrity check examples

  • Check local administrators, to make sure there are only the approved ones, and no others
  • Check the authentication sequence, LDAP, RADIUS servers, to make sure nobody changed the authentication sequence
  • Check security policies, to make sure that no objects have hidden ports
  • Check password complexity, certificates, management profiles, SNMP, allowed IPs and other complex checks
  • Guard critical policies to make sure they haven't been touched and are still consistent with the state they were in when they were approved upon deployment

CVE monitoring

Synapsa Auditor constantly monitors the current operating system running on firewalls and other network assets against the official vendor security advisories, which provide accurate and up-to-date information about the vulnerabilities you are facing. Complete information about the severity of each vulnerability, and how to fix it or apply a possible workaround, is just one click away.

Reporting and Alerting

You get a complete overview of the current compliance status in the dashboard widgets, either aggregated for all the monitored devices or individually for each asset. Synapsa Auditor exports the findings to third-party monitoring and management tools, and is able to automatically fix violations of the security policy. Security or network operators can easily spot exactly when a violation occurred and which device caused it, and take immediate action without leaving the organization vulnerable to exploits.

Synapsa Auditor - Built in integrations

The list is never final. We are constantly developing new integrations.
Palo Alto
  • Next Generation Firewall
  • Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
  • Custom, miner-based and built-in data feeds to use external dynamic lists (EDL) for policy management and enforcement
  • Fully automated or semi-automated rulesets deployment
  • CVE monitoring and alerting
Check Point
  • Next Generation Firewall with management server
  • Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
  • Custom, miner-based and built-in data feeds to use external dynamic lists for policy management and enforcement
  • Fully automated or semi-automated rulesets deployment
Fortinet
  • Next Generation Firewall - FortiGate and FortiManager
  • Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
  • Custom, miner-based and built-in data feeds to use external dynamic lists for policy management and enforcement
  • Fully automated or semi-automated rulesets deployment
