July 2nd, 2008

Matasano ships Web-based firewall manager

Posted by Ryan Naraine @ 3:47 pm

Categories: Arbitrary Code Execution, Botnets, Cisco, Complex Attacks, Data theft, Denial of Service (DoS), Malware, Metasploit, Passwords, Patch Watch, Pen testing, Tools

Tags: Web, Network, Matasano Security, Network Firewall, Playbook, Firewalls, Network Security, Security, Networking, Ryan Naraine

The firewall is one of the few security tools that has been proven to be very effective at improving a company’s security posture.  However, staying on top of policies  — and responding to change requests — while trying to manage multiple firewalls from different vendors can be a never-ending nightmare for IT admins.

In steps Matasano Security which what looks like a no-brainer utility to sit between — and effectively manage  — multiple network firewalls.

The product, called Playbook, basically collects all your firewall rules, puts them into revision control system, and lets you manage them completely from a Web interface.  The network admin won’t have to log into a device ever again, reducing the chance of errors, and making rulesets available to people who need to see them but shouldn’t be accessing the the actual devices.

Playbook is a web-based command center for network firewalls. From a single console, Playbook allows firewalls teams to search firewall rulesets, design access rules with full change tracking, and push them out to one, ten or one hundred devices with a single click.

Matasano’s Max Caceres explains:

Playbook helps organizations with multiple network firewalls to better manage their policies by providing a centralized and version controlled repository of rulesets, which can be easily browsed or searched via the web. Network operators can review all recent rule changes affecting the London branch, document a recently provisioned firewall at corporate offices, and rollback to the last known version of rules for the North-East group after an update gone wrong with only a couple of clicks and without having to log into 50 different devices.

Playbook takes advantage of an expressive wiki engine to help you document rulesets, protocols, and your network infrastructure, so that you not only have a complete audit trail of all your changes, but you also know why those changes are there in the first place.

Matasano is a New York-based security consulting firm that counts Microsoft and Mozilla among its clients.  The company worked on the pentest of Windows Vista and Firefox 3.