Professional Documents
Culture Documents
Voxai Solutions Firewall Rule Set Review NC Summary Report 18 03 2024 v1.0
Voxai Solutions Firewall Rule Set Review NC Summary Report 18 03 2024 v1.0
2
3
4
Review the vulnerabilities that are there in "Details" worksheet and for the vulnerabilities that you think are false positive, ent
Attachment".
Fix the vulnerabilities which are not false positive, unless there is a technical or businees limitation for which please enter the
Save the file as "Firewall_Ruleset_Review_summary_report_customer_response.xlsx" and upload against the appropriate qua
Update ConnectWIse once the file has been uploaded.
Observations
Assessor observed that access from Any source is allowed to Any destination for Any services. It is recommended t
configured to restrict access from specific source to specific destination and specific services which are required for
for which there is no business requirement or configure rules to deny access to any unnecessary services.
access-list netflow-export
Allow Any Any
extended permit ip any any
access-list global_mpc
Allow Any Any
extended permit ip any any
Observations
Assessor observed that access from Specific source is allowed to Any destination for Any\Specific services. It is rec
should be configured to restrict access from specific source to specific destination and specific services which are re
all services for which there is no business requirement or configure rules to deny access to any unnecessary services
access-list inside_access_in
extended permit ip 10.10.30.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.40.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.50.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.60.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.70.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.1.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.2.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip 10.10.90.0 Allow Specific Any
255.255.255.0 any
access-list inside_access_in
extended permit ip object Allow Specific Any
corp_user_data_south any
access-list lab_access_in
extended permit ip 10.10.1.0 Allow Specific Any
255.255.255.0 any
Observations
Assessor observed that access from Specific source is allowed to Specific destination for Any Services. It is recomm
configured to restrict access from specific source to specific destination and specific services which are required for
for which there is no business requirement or configure rules to deny access to any unnecessary services.
access-list outside_access_in
extended permit object-group
Allow Specific Specific
DM_INLINE_SERVICE_1 any
object 10.10.1.101
Observations
Assessor observed that access from Any source is allowed to Specific destination for Any/Specific services. It is re
should be configured to restrict access from specific source to specific destination and specific services which are re
all services for which there is no business requirement or configure rules to deny access to any unnecessary services
access-list
insi+C2+A2:A68+A2:A70+C2+A Allow Any Specific
2:A68+A2:A62+A2:A70
access-list inside_access_in
extended permit ip any Allow Any Specific
10.10.90.0 255.255.255.0
ControlCase Customer
Comments-1 Comments-1
ervices. It is recommended that all rules should be
vices which are required for business; Disable all services
ecessary services.
Service
ControlCase Customer
Comments-1 Comments-1
ny\Specific services. It is recommended that all rules
pecific services which are required for business; Disable
to any unnecessary services.
Service
Service
Any
Please provide a
business justification
for keeping this rule.
Any
Please provide a
business justification
for keeping this rule.
ControlCase Customer
Comments-1 Comments-1
ny/Specific services. It is recommended that all rules
pecific services which are required for business; Disable
to any unnecessary services.
Service
ControlCase
Comments-2
ControlCase
Comments-2
ControlCase
Comments-2