Tufin Application Policy Generator

Hey There,

I’ve been looking at the Tufin APG. This is a cool tool that will auto generate a policy based on the traffic
it sees in the logs. You can use this for:

1) M&A’s: see what traffic is coming/going to new division prior to integration and build new policy for them
2) Rule Review: Compare current policy to recommended policy from APG
3) Fine Tune: Creating more permissive or more fine grained rule…use it on per rule basis

I only looked at some small logs and the note of caution is you HAVE to do filtering prior to loading logs
into APG. Drop all the DROP traffic or single hit traffic. Otherwise you will need a CPU cloud to generate
the new rulebase. Its exponential, so every minor log entry kill will probably buy you 1 minute (I exagerate).

Here is my admittedly quirky review:

http://www.youtube.com/watch?v=6jr39VT6YT8

Enjoy!

dreez

 

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

blog.lachmann.org

Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.

%d bloggers like this: