
Firewall and Boundary Auditing Best Practices

Recently, I had the chance to work with several larger Tenable enterprise customers who were charged with figuring out what the perimeter of their network really looked like.

I showed them how multiple Nessus scanners and Passive Vulnerability Scanners deployed throughout their infrastructure could be leveraged to provide near real-time visibility into every boundary or enclave.

With the rise in popularity of the SANS Consensus Audit Guidelines, which specifically call out "Boundary Monitoring", and the increased number of Tenable federal customers deploying 20+ active and passive scanners to perform CyberScope scanning, I decided to write a best practices paper on how network boundaries can be monitored and understood.

The paper starts out with simple concepts, such as comparing what a scanner on the inside of a firewall can find with what one on the outside scanning inbound can find. It finishes with how distributed scanning and sniffing can help identify trust relationships and poor firewall rules between enclaves. There is also a lot of great artwork that facilitates understanding of these complex ideas:

[Image: Boundary-image]

The paper is available for a free download here. If you have feedback or want to send me a note about it, feel free to post comments to our Tenable Discussions Forum and reach me on Twitter @RonGula.
