4 Replies Latest reply on May 28, 2014 2:32 AM by eldad_tufin

    Secure Track - Tufin Plugin for MWG

    fab

      Dear Community

       

      Anybody using Tufin Secure Track to audit Ruleset changes etc at all? We're using Tufin for Checkpoint/Cisco Devices, also Bluecoat is supported. Unfortunatly MWG not. However it could be possible to write a plugin using the provided TOP SDK.

       

      How do you fare about auditing changes to the rulebase at all? SIEM solutions or Splunk?

       

      regards,

      fab

        • 1. Re: Secure Track - Tufin Plugin for MWG
          fab

          Ok, maybe the question is to software vendor specific. How do you guys audit your policy if at all? We would like to have

           

          - Consolidated Audit Log (centralized logs)

          - Monthly Report on Policy Changes (compliance tracking, change management: who, when, where change what)

          - Statistics on which Rule is used most (performance tuning and getting rid of old unused rules)

           

          Is there maybe some kind of EPO integration, or policy audit tool from McAfee directly?

           

          thanks,

          fabi

          • 2. Re: Secure Track - Tufin Plugin for MWG
            eldad_tufin

            Hi Fab,

             

            I am Eldad form Tufin's Procuct Management team;

             

            I am not 100% sure what is the "MWG" but end of last year we have added "native" support (not TOP SDK) to "McAfee Firewall Enterprize" (MFE) ver 10.x current support in our latest GA release (TOS R14-1) includes:

            - Monitoring MFE FWs in real time

            - Alerting for policy changes

            - Policy View/Compare

            - Dashboard browsers - Risk, Change, Cleanup

            - Policy Analysis (Check if a cetain traffic is allowed in the FW)

            - Policy Change reports (daily, weekly, monthly FW change reports)

            - Complaince Policies

            - Audit and regulations (PCI-DSS, SOX)

             

            For more info, Demo, evaluaiotn etc, please contact me at pm@tufin.com or support@tufin.com

             

            Thanks

             

            Eldad

            • 3. Re: Secure Track - Tufin Plugin for MWG
              fab

              Dear Eldad

               

              The MWG is what this forum is about: McAfee Web Gateway being a Forward Proxy to enforce access control on all outbound Internet traffic. The used policy is quite close to being a ruleset and for this ruleset it would be nice to have the audit functions centrally managed like Tufin does.

               

              Thanks,

              fab

              • 4. Re: Secure Track - Tufin Plugin for MWG
                eldad_tufin

                Hi Fab,

                 

                Oops, missed that....sorry.

                As you relaized we  dont support it, and curently we dont have plans to add it in 2014. We might add some support for web gateways in 2015 but I am not sure for which vendor it would be.

                You could write a TOP pugin for it and get r textual based configuration change monitoring. not sure if it will cover your requierment.

                 

                Eldad