Managing rules with Firewall Builder

- [Instructor] It's not unusual in modern networks…for firewalls to accumulate vast numbers of rules.…Being able to have a way to document and manage these rules…is important for network and security administrators.…Using a tool, such as Firewall Builder, doesn't change…the way in which firewalls operate, but it does provide…a simple way of expressing rules to make it much easier…to see how the rule set operates, and it allows…all firewall rules across the enterprise network…to be accessed from one place.…

Firewall Builder includes a range of Linux…and Cisco firewall platforms, and provides…a validation function to check for invalid rules,…and issues, such as rule shadowing where a rule…will never be executed due to a prior rule.…Part of the pen tester's role is to check firewall rule sets…and determine whether they provide…open pathways to a target network.…Even if the firewall isn't currently being managed…using Firewall Builder, existing rule sets can be imported…to allow validation and review…more effectively than at the command line.…