Did I mention that I like FREE TOOLS?? Matasano Security today rolled out a new Web-based open-source tool that scans for any firewall
rules that are outdated, redundant, or could potentially expose a network to security threats.
“Flint” makes sure nothing in your firewall changes and configurations creates a security problem,” according to Matasano, a
security consulting and research firm. PCI and other regulatory compliance requirements as well as secure software development efforts are forcing organizations to take a closer look at their firewall configurations. As applications get retired and get new revisions, part of their assessments drives them back to the firewall rules that let those apps run.
Flint is the second product offering from Matasano: Its first product, Playbook, is a VMWare-based virtual appliance that centralizes and
synchronizes the control and management of multiple vendors’ firewalls. Flint can work with Playbook by ensuring any changes to firewalls are
correct and don’t open security holes into the network, according to Matasano. Flint also can run as a standalone tool for checking
firewalls. I have yet to experiment, but I certainly will as I find the time…