360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. ‘print’ mode creates a spreadsheet for your audit needs with one command.
Release Notes: This release adds ‘end.’ comments to rr mode "enter search INC EX string" instructions as well as the ‘exit’ menu option and attempts to resolve a looping issue when using Ctrl-C in the Gnome terminal. This release begins the process of automatically resolving Netscreen MIP(ipaddr) objects from interface mip statements and adds them to the NAT tables. This release also resolves issues with incorrect protocol definitions (used when merging between Checkpoint and Netscreen) and reports these. Unknown rule types are now skipped and reported, e.g. Netscreen tunnel rules.
Release Tags: Netscreen, ScreenOS, cli, Minor, Firewall, Log Analysis
Tags: Firewall Analysis, Netscreen, CheckPoint, Policy, Security, Firewall, Networking, Log Analysis, cisco, rulebase, Monitoring, Internet