Matrix report pages
Matrix reports include the following pages.
Some report pages include information about the devices. For more details, see View AFA device data and Device report pages
Matrix Report Pages
|
Page |
Description |
|---|---|
|
Provides a general overview of the report, including a list of devices in the matrix, changes to the devices, risks, and policy optimization. |
|
|
Provides a high-level executive summary of the risk analysis findings. Available only with the AFA Risk and Compliance Module |
|
|
Access a variety of automatically-filled compliance reports for this matrix. Available only with the AFA Risk and Compliance Module. |
|
|
Find out what you can eliminate from each device's policy to optimize it and make it more efficient and maintainable. |
|
|
Indicates whether matrix members' configurations comply with certain baselines. |
|
|
Provides access to the wealth of detailed information collected and identified during the analysis. |
|
|
Displays the changes in rules, objects, and the resulting changes in allowed traffic and risks, over all the history of AFA reports for this matrix. |
HOME page
The Home page provides an overview of the matrix report. The page's content depends on your AFA modules.
RISKS page
The Risks page summarizes all risk analysis findings by providing the following:
Note: The risks which appear are associated with traffic that is allowed across all devices in the matrix. If one of the devices in the path blocks the traffic, the risk does not appear.
-
The security rating for the matrix. The security rating indicates the matrix's degree of compliance with security standards. A security rating of 100% indicates full compliance.
- The total number of risks in each severity category, not counting duplicates.
- A graph displaying the security rating trend.
-
A list of all the matrix's risks, in decreasing order of severity.
The list includes a brief summary of each threat: the risk, its trigger count (the number of times it was detected), and a brief description. The New label indicates risks that were not present in the previous report.
- The ability to easily drill down to specific rules and groups.
-
A visual representation of the risks per device, with each device's security rating.
To access an individual device's report, in the Lowest Security Rating area, click on the device's name.
REGULATORY COMPLIANCE Page
The Regulatory Compliance page includes aggregated compliance reports for the entire matrix.
To view a report, click the desired report's name.
For information on each report, see:
- Payment Card Industry Data Security Standard (see Payment Card Industry Data Security Standard (PCI DSS))
- Sarbanes-Oxley Compliance Report (see Sarbanes-Oxley)
- ISO/IEC 27001 Compliance Report (see ISO/IEC 27001)
- NERC Standards for Critical Infrastructure Protection (see NERC Standards for Critical Infrastructure Protection (NERC CIP))
- NIST SP 800-53 Compliance Report (see NIST SP 800-53)
- NIST SP 800-41 Compliance Report (see NIST SP 800-41)
- Gramm–Leach–Bliley Act (GLBA) Compliance Report (see Gramm–Leach–Bliley Act (GLBA))
- Basel-II Compliance Report (see Basel-II)
- ASD ISM Compliance Report (see ASD ISM)
- Financial Instruments and Exchange Law (Japan) Compliance Report (see Financial Instruments and Exchange Law (Japan))
- MAS TRM Compliance Report (see MAS TRM)
- HIPAA Compliance Report (see HIPAA)
POLICY OPTIMIZATION page
The Policy Optimization page enables you to optimize your policy, by identifying inefficient rules and objects. A separate list is provided for each device in the matrix.
BASELINE COMPLIANCE page
The Baseline Compliance page includes aggregated baseline compliance reports for the entire matrix.
POLICY page
The Policy page enables you to drill down into various aspects of your policy.
CHANGES page
The Changes page provides detailed information about changes to the devices in the matrix, over the whole history of AFA reports for the matrix. The information is divided into policy changes and risk profile changes.
Yes 
No 
