Organizations that have multiple locations with multiple firewalls or even single firewalls with complex rules can benefit from VSI's Security Monitoring solutions.
VSI offers several different techniques to audit which ports a firewall is allowing through:
VSI scanners can be placed outside of a network protected by a firewall and then used to scan which external ports are open.
Multiple VSI scanners can be placed throughout an organization and then used to scan externally. This can identify inter-department trust relationships.
The Passive Vulnerability Scanner can observe network traffic on the inside or outside of a firewall and determine all open ports as well as which ports are being utilized.
Logs from the firewall can be used by the Log Correlation Engine to analyze which ports are being blocked, which are being let through and which hosts and networks are the most active.
VSI can also detect when changes in a firewall rule set open new types of communication paths.
The Passive Vulnerability Scanner identifies traffic to new ports as well as browsed ports in real time.
Successive VSI scans performed by the Security Center automatically identify new ports that are available for connections.
The Log Correlation Engine automatically recognizes rule changes in the logs of many leading firewall vendors.
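The log-based audit described above (which ports are blocked, which are let through, which hosts are most active, and which services a rule change has newly opened) can be sketched as follows. This is an added example, not VSI code: it assumes abbreviated Linux netfilter LOG lines, and the `FW-ALLOW`/`FW-DROP` log prefixes and all sample lines are constructed.

```python
import re
from collections import Counter

# Constructed, abbreviated netfilter LOG lines; the FW-ALLOW / FW-DROP
# prefixes are assumed values an administrator would set on the LOG rules.
BASELINE = """\
Mar  1 10:00:01 gw kernel: FW-ALLOW IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.0.5 PROTO=TCP SPT=51512 DPT=443
Mar  1 10:00:02 gw kernel: FW-DROP IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=10.0.0.5 PROTO=TCP SPT=40022 DPT=3389
Mar  1 10:00:04 gw kernel: FW-ALLOW IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.0.6 PROTO=TCP SPT=51513 DPT=25
"""
LATER = """\
Mar  2 10:00:01 gw kernel: FW-ALLOW IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.0.5 PROTO=TCP SPT=51900 DPT=443
Mar  2 10:00:03 gw kernel: FW-ALLOW IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=10.0.0.5 PROTO=TCP SPT=40100 DPT=3389
Mar  2 10:00:05 gw kernel: FW-ALLOW IN=eth0 OUT=eth1 SRC=203.0.113.9 DST=10.0.0.5 PROTO=TCP SPT=40101 DPT=3389
Mar  2 10:00:06 gw kernel: FW-DROP IN=eth0 OUT=eth1 SRC=192.0.2.44 DST=10.0.0.6 PROTO=ICMP TYPE=8 CODE=0
"""

LINE = re.compile(
    r"FW-(?P<action>ALLOW|DROP)\b.*?\bSRC=(?P<src>\S+)\s+DST=(?P<dst>\S+)"
    r".*?\bPROTO=(?P<proto>\w+).*?\bDPT=(?P<dpt>\d+)"
)

def parse(text):
    """Yield (action, src, dst, proto, dport); lines without a destination
    port (for example ICMP) or without a known prefix are skipped."""
    for line in text.splitlines():
        m = LINE.search(line)
        if m:
            yield m["action"], m["src"], m["dst"], m["proto"], int(m["dpt"])

def summarize(text):
    """Return (allowed, blocked, talkers) counters for one log window."""
    allowed, blocked, talkers = Counter(), Counter(), Counter()
    for action, src, _dst, proto, dport in parse(text):
        (allowed if action == "ALLOW" else blocked)[(proto, dport)] += 1
        talkers[src] += 1
    return allowed, blocked, talkers

def newly_allowed(baseline, current):
    """Services allowed in the current window but never allowed in the baseline."""
    return sorted(set(summarize(current)[0]) - set(summarize(baseline)[0]))

if __name__ == "__main__":
    allowed, blocked, talkers = summarize(LATER)
    print("allowed:", dict(allowed), "blocked:", dict(blocked))
    print("most active source:", talkers.most_common(1))
    print("newly allowed since baseline:", newly_allowed(BASELINE, LATER))
```

A service that moves from the blocked counter in one window to the allowed counter in the next, as TCP 3389 does in the sample, is the kind of newly opened path worth checking against the approved rule set.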