Service Summary
Using RedSeal Security Risk Manager and the QualysGuard vulnerability management solution, JACADIS can show you where your network vulnerabilities can be exploited from the Internet and DMZ.

Every qualifying Qualys subscription includes a complimentary external threat visualization service. This service includes:

• Graphic representation of what vulnerabilities on your internal network are open to the Internet and DMZ:
  
  

• Firewall Configuration Report which includes:

  • Baseline check of network device configurations based on industry best practices from vendors and organizations such as NIST, DISA, etc.

  • Rule clean-up: redundant rules, noncontiguous wildcards, permit any/any, etc.

  • Validation of network flows by analyzing network access policies.

Requirements

1. Client must be running compatible network architecture. Supported systems include:
   
   Cisco ASA, Cisco FWSM v2 or later, Cisco IOS v11.0 or later, Cisco PIX v5.x or later, Cisco VPN3000 v3.x and v4.x, Cisco Airnet v12.3x and v12.4T(5) or later, CheckPoint Provider-1, CheckPoint SmartCenter, CheckPoint Firewall-1, Juniper Networks Netscreen Screen OS v5.x, Foundry Networks Ironware v7.6 or later.
    
2. Client must provide JACADIS analyst with configuration files for all networking devices including:
   
   a. Firewall(s)
   b. Routers
   c. Core Switches
    
3. QualysGuard scan data for all Internet exposed systems must be completed and available in XML format.