Auditing PCI Data Security Standard
Auditing for FISMA Compliance using OPNET Sentinel
The Case for Model-Driven Network Compliance Auditing
Senior Consultant, Network
Management
Fujitsu
Supported out-of-the-box network policy compliance templates
(partial list)-PCI-DSS
-HIPAA
-FISMA
-SOX
-DISA-STIG
-NIST 800-53
Network Auditing
Maintaining network integrity and security is imperative for ensuring quality
service, meeting regulatory requirements, and managing operational risks. There
are numerous obstacles to achieving this, including technology change, staffing
and skills shortages, and the need to accelerate business responsiveness. Operational
errors are frequently the consequence, as confirmed by industry studies that
point to configuration issues as a major source of network downtime, degraded
performance, and gaps in network security.
IT Sentinel® is a software appliance for ensuring network integrity, security, and policy-compliance. It performs systematic network configuration audits, analyzing an up-to-date model of the production network to diagnose device misconfigurations, policy violations, inefficiencies, and security gaps. IT Sentinel enables organizations to reduce network outages, ensure network security, verify regulatory and policy compliance, and enhance staff productivity.
Perform network audits as frequently as you make changes to ensure policy compliance.
Benefits
Comply with regulatory, organizational, and security policies
IT Sentinel verifies that network security policies have been implemented effectively by pinpointing breaches in defenses such as open ports and misconfigured Access Control Lists (ACLs). Sentinel’s rules-based analysis demonstrates compliance with security, regulatory, and organizational policies, leveraging out-of-the-box compliance checks for PCI-DSS, FISMA, Sarbanes-Oxley, HIPAA, NIST 800-53, NSA and others.Avoid network outages from network misconfigurations
IT Sentinel uncovers latent network configuration issues that could cause network outages, leveraging an extensive rules-based analysis engine that checks topology, routing information, individual devices, groups of devices, and the logical relationships between them. IT Sentinel's best-in-class analytics understand networks and protocols and identify configuration issues not detectable through traditional string matching techniques used by most auditing tools.Reduce operational costs with automated auditing and reporting
IT Sentinel reduces the overhead of manual auditing and report generation by publishing valuable network documentation and policy compliance reports, including executive summaries, detailed analysis, network differences, trending, and network diagrams. In addition, IT Sentinel alerts key staff via email, pager, or trouble ticket, to quickly respond and fix network problems before they become critical.
Analyze and document network changes over time. |
Key Features
- Perform scheduled audits of routers, switches, and firewalls to pinpoint configuration errors before they affect network operations
- Verify that network security policies have been implemented effectively, and ensure compliance with regulatory and industry requirements
- Analyze network devices, topology, and routing information against industry best practices
- Diagnose network issues not detectable through regular expression-based analysis (the approach used by most auditing tools) using an intelligent semantic check of the entire network configuration
- Identify topology, device, and configuration changes using a comprehensive network differences report
- Customize organization-specific standards and requirements using an open authoring environment
- Publish comprehensive reports and automatically notify key staff about critical issues
- Publish up-to-date physical and logical network diagrams automatically through Sentinel’s NetMapper module