
1. Review the vulnerabilities that are there in "Details" worksheet and for the vulnerabilities that you think are false positive, ent
   Attachment".
2. Fix the vulnerabilities which are not false positive, unless there is a technical or business limitation for which please enter the
3. Save the file as "Firewall_Ruleset_Review_summary_report_customer_response.xlsx" and upload against the appropriate qua
4. Update ConnectWise once the file has been uploaded.

Observations
Assessor observed that access from Any source is allowed to Any destination for Any services. It is recommended that all rules should be configured to restrict access from specific source to specific destination and specific services which are required for business; Disable all services for which there is no business requirement or configure rules to deny access to any unnecessary services.

Device name: DO Firewall

Affected ACL :
Affected Rules :

| Rule | Action | Source | Destination | Service | ControlCase Comments-1 | Customer Comments-1 | ControlCase Comments-2 |
|---|---|---|---|---|---|---|---|
| access-list netflow-export extended permit ip any any | Allow | Any | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list global_mpc extended permit ip any any | Allow | Any | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list cp-outside extended permit ip any any | Allow | Any | Any | Any | Please provide a business justification for keeping this rule. | | |

Observations
Assessor observed that access from Specific source is allowed to Any destination for Any\Specific services. It is recommended that all rules should be configured to restrict access from specific source to specific destination and specific services which are required for business; Disable all services for which there is no business requirement or configure rules to deny access to any unnecessary services.

Device name: DO Firewall

Affected ACL :
Affected Rules :

| Rule | Action | Source | Destination | Service | ControlCase Comments-1 | Customer Comments-1 | ControlCase Comments-2 |
|---|---|---|---|---|---|---|---|
| access-list inside_access_in extended permit ip 10.10.30.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.40.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.50.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.60.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.70.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.1.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.2.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip 10.10.90.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip object corp_user_data_south any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |
| access-list lab_access_in extended permit ip 10.10.1.0 255.255.255.0 any | Allow | Specific | Any | Any | Please provide a business justification for keeping this rule. | | |

Observations
Assessor observed that access from Specific source is allowed to Specific destination for Any Services. It is recommended that all rules should be configured to restrict access from specific source to specific destination and specific services which are required for business; Disable all services for which there is no business requirement or configure rules to deny access to any unnecessary services.

Device name: DO Firewall

Affected ACL :
Affected Rules :

| Rule | Action | Source | Destination | Service | ControlCase Comments-1 | Customer Comments-1 | ControlCase Comments-2 |
|---|---|---|---|---|---|---|---|
| access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object 10.10.2.104 | Allow | Specific | Specific | Any | Please provide a business justification for keeping this rule. | | |
| access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object 10.10.1.101 | Allow | Specific | Specific | Any | Please provide a business justification for keeping this rule. | | |

Observations
Assessor observed that access from Any source is allowed to Specific destination for Any/Specific services. It is recommended that all rules should be configured to restrict access from specific source to specific destination and specific services which are required for business; Disable all services for which there is no business requirement or configure rules to deny access to any unnecessary services.

Device name: DO Firewall

Affected ACL :
Affected Rules :

| Rule | Action | Source | Destination | Service | ControlCase Comments-1 | Customer Comments-1 | ControlCase Comments-2 |
|---|---|---|---|---|---|---|---|
| access-list insi+C2+A2:A68+A2:A70+C2+A2:A68+A2:A62+A2:A70 | Allow | Any | Specific | Any | Please provide a business justification for keeping this rule. | | |
| access-list inside_access_in extended permit ip any 10.10.90.0 255.255.255.0 | Allow | Any | Specific | Any | Please provide a business justification for keeping this rule. | | |
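
The Any/Specific classification used in the observations above can be reproduced mechanically when triaging a ruleset. The following is an added example, not part of the original report or the assessor's tooling; it assumes IPv4 Cisco ASA extended ACL syntax, treats only protocol `ip` as service Any, and the last sample rule (dmz_access_in) is constructed.

```python
# Added example: label ASA extended ACL entries as Any/Specific per dimension.
ANY = {"any", "any4", "any6"}
PORT_OPS = {"eq": 2, "neq": 2, "lt": 2, "gt": 2, "range": 3}

def _addr(tok):
    """Consume one address spec; return (label, remaining tokens)."""
    if tok[0] in ANY:
        return "Any", tok[1:]
    # host X, object X, object-group X, interface X, or network + mask
    return "Specific", tok[2:]

def _ports(tok):
    """Skip an optional port operator such as 'eq 443' or 'range 1 1024'."""
    return tok[PORT_OPS[tok[0]]:] if tok and tok[0] in PORT_OPS else tok

def classify(line):
    """Return (action, source, destination, service) for one entry."""
    tok = line.lower().split()
    if len(tok) < 7 or tok[0] != "access-list" or tok[2] != "extended":
        raise ValueError("not an extended ACL entry: " + line)
    action = tok[3]
    if tok[4] in ("object", "object-group"):   # service object or group
        service, rest = "Specific", tok[6:]
    else:                                      # bare protocol keyword
        service, rest = ("Any" if tok[4] == "ip" else "Specific"), tok[5:]
    source, rest = _addr(rest)
    rest = _ports(rest)                        # optional source port
    destination, rest = _addr(rest)
    return action, source, destination, service

def broad_permits(lines):
    """Permit rules where source, destination or service is Any."""
    out = []
    for line in lines:
        action, *dims = classify(line)
        if action == "permit" and "Any" in dims:
            out.append((line, dims))
    return out

SAMPLE = [
    "access-list netflow-export extended permit ip any any",
    "access-list inside_access_in extended permit ip 10.10.30.0 255.255.255.0 any",
    "access-list inside_access_in extended permit ip object corp_user_data_south any",
    "access-list inside_access_in extended permit ip any 10.10.90.0 255.255.255.0",
    # Constructed rule, not from the report: fully scoped, should not be flagged.
    "access-list dmz_access_in extended permit tcp host 192.0.2.10 host 192.0.2.20 eq 443",
]

if __name__ == "__main__":
    for rule, (src, dst, svc) in broad_permits(SAMPLE):
        print(f"{src:8} -> {dst:8} svc={svc:8} {rule}")
```

Each flagged line is a candidate for the business-justification request in the tables above; a rule that comes back Specific in all three dimensions is left out of the list.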
