@@ -80,101 +80,101 @@ def run_audit(args, fw_obj, firewall, status_dict, local_dirname, web_dirname):
8080 logging .info (f"{ firewall_name } : Begin Audit" )
8181
8282 rule_list = [
83- # {
84- # "method": rules.eval_access_list,
85- # "settings": audit_settings["access_acl"],
86- # "log_msg": "Evaluate Access ACL"
87- # },
88- # {
89- # "method": rules.eval_central_mgmt,
90- # "settings": audit_settings,
91- # "log_msg": "Evaluate Central Management"
92- # },
93- # {
94- # "method": rules.eval_device_access_profile,
95- # "settings": audit_settings["device_access_profile"],
96- # "log_msg": "Evaluate Device Access Profiles"
97- # },
98- # {
99- # "method": rules.eval_admin_services,
100- # "settings": audit_settings["admin_services"],
101- # "log_msg": "Evaluate WAN Zone Admin Services"
102- # },
103- # {
104- # "method": rules.eval_admin_authen,
105- # "settings": audit_settings["authen_servers"],
106- # "log_msg": "Evaluate Authentication Servers"
107- # },
108- # {
109- # "method": rules.eval_malware_protection,
110- # "settings": audit_settings["malware_protection"],
111- # "log_msg": "Evaluate Malware Protection Antivirus Engine"
112- # },
113- # {
114- # "method": rules.eval_atp,
115- # "settings": audit_settings["threat_protection"],
116- # "log_msg": "Evaluate Advanced Threat Protection (ATP)"
117- # },
118- # {
119- # "method": rules.eval_ips_policies,
120- # "settings": audit_settings["ips_policies"],
121- # "log_msg": "Evaluate IPS Policies"
122- # },
123- # {
124- # "method": rules.eval_hostgroups,
125- # "settings": audit_settings["host_groups"],
126- # "log_msg": "Evaluate Host Groups"
127- # },
83+ {
84+ "method" : rules .eval_access_list ,
85+ "settings" : audit_settings ["access_acl" ],
86+ "log_msg" : "Evaluate Access ACL"
87+ },
88+ {
89+ "method" : rules .eval_central_mgmt ,
90+ "settings" : audit_settings ,
91+ "log_msg" : "Evaluate Central Management"
92+ },
93+ {
94+ "method" : rules .eval_device_access_profile ,
95+ "settings" : audit_settings ["device_access_profile" ],
96+ "log_msg" : "Evaluate Device Access Profiles"
97+ },
98+ {
99+ "method" : rules .eval_admin_services ,
100+ "settings" : audit_settings ["admin_services" ],
101+ "log_msg" : "Evaluate WAN Zone Admin Services"
102+ },
103+ {
104+ "method" : rules .eval_admin_authen ,
105+ "settings" : audit_settings ["authen_servers" ],
106+ "log_msg" : "Evaluate Authentication Servers"
107+ },
108+ {
109+ "method" : rules .eval_malware_protection ,
110+ "settings" : audit_settings ["malware_protection" ],
111+ "log_msg" : "Evaluate Malware Protection Antivirus Engine"
112+ },
113+ {
114+ "method" : rules .eval_atp ,
115+ "settings" : audit_settings ["threat_protection" ],
116+ "log_msg" : "Evaluate Advanced Threat Protection (ATP)"
117+ },
118+ {
119+ "method" : rules .eval_ips_policies ,
120+ "settings" : audit_settings ["ips_policies" ],
121+ "log_msg" : "Evaluate IPS Policies"
122+ },
123+ {
124+ "method" : rules .eval_hostgroups ,
125+ "settings" : audit_settings ["host_groups" ],
126+ "log_msg" : "Evaluate Host Groups"
127+ },
128128 {
129129 "method" : rules .eval_syslog ,
130130 "settings" : audit_settings ["syslog" ],
131131 "log_msg" : "Evaluate Syslog Settings"
132132 },
133- # {
134- # "method": rules.eval_notifications,
135- # "settings": audit_settings,
136- # "log_msg": "Evaluate Notifications Settings"
137- # },
138- # {
139- # "method": rules.eval_notification_list,
140- # "settings": audit_settings,
141- # "log_msg": "Evaluate Notification List Settings"
142- # },
143- # {
144- # "method": rules.eval_backup,
145- # "settings": audit_settings,
146- # "log_msg": "Evaluate Scheduled Backup Settings"
147- # },
148- # {
149- # "method": rules.eval_certificate,
150- # "settings": audit_settings,
151- # "log_msg": "Evaluate Certificate Settings"
152- # },
153- # {
154- # "method": rules.eval_loginsecurity,
155- # "settings": audit_settings,
156- # "log_msg": "Evaluate Login Security"
157- # },
158- # {
159- # "method": rules.eval_dns_servers,
160- # "settings": audit_settings,
161- # "log_msg": "Evaluate DNS Servers"
162- # },
163- # {
164- # "method": rules.eval_smtp_protection,
165- # "settings": audit_settings,
166- # "log_msg": "Evaluate SMTP Protection"
167- # },
168- # {
169- # "method": rules.eval_snmpv3,
170- # "settings": audit_settings,
171- # "log_msg": "Evaluate SNMPv3"
172- # },
173- # {
174- # "method": rules.eval_time,
175- # "settings": audit_settings['time'],
176- # "log_msg": "Evaluate Time Settings"
177- # }
133+ {
134+ "method" : rules .eval_notifications ,
135+ "settings" : audit_settings ,
136+ "log_msg" : "Evaluate Notifications Settings"
137+ },
138+ {
139+ "method" : rules .eval_notification_list ,
140+ "settings" : audit_settings ,
141+ "log_msg" : "Evaluate Notification List Settings"
142+ },
143+ {
144+ "method" : rules .eval_backup ,
145+ "settings" : audit_settings ,
146+ "log_msg" : "Evaluate Scheduled Backup Settings"
147+ },
148+ {
149+ "method" : rules .eval_certificate ,
150+ "settings" : audit_settings ,
151+ "log_msg" : "Evaluate Certificate Settings"
152+ },
153+ {
154+ "method" : rules .eval_loginsecurity ,
155+ "settings" : audit_settings ,
156+ "log_msg" : "Evaluate Login Security"
157+ },
158+ {
159+ "method" : rules .eval_dns_servers ,
160+ "settings" : audit_settings ,
161+ "log_msg" : "Evaluate DNS Servers"
162+ },
163+ {
164+ "method" : rules .eval_smtp_protection ,
165+ "settings" : audit_settings ,
166+ "log_msg" : "Evaluate SMTP Protection"
167+ },
168+ {
169+ "method" : rules .eval_snmpv3 ,
170+ "settings" : audit_settings ,
171+ "log_msg" : "Evaluate SNMPv3"
172+ },
173+ {
174+ "method" : rules .eval_time ,
175+ "settings" : audit_settings ['time' ],
176+ "log_msg" : "Evaluate Time Settings"
177+ }
178178 ]
179179 for rule in rule_list :
180180 result = process_rule (rule ["method" ], rule ["settings" ], rule ["log_msg" ], fw_obj , status_dict )
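Review bot: The re-enabled entries subscript `audit_settings` directly (`audit_settings["access_acl"]`, `["device_access_profile"]`, through `['time']`) while `rule_list` is being built, so a settings file missing any one section raises `KeyError` before the `for rule in rule_list` loop starts and no check runs for this firewall. That holds unless the settings are validated earlier in `run_audit`, which begins above this hunk and continues below it. Checking the sections up front would make the failure explicit, e.g. `missing = [k for k in required_sections if k not in audit_settings]` followed by a logged error naming them, where `required_sections` is a new tuple of the ten keys used here. Because the previous revision ran only `eval_syslog` with every other rule commented out, logging `len(rule_list)` next to the "Begin Audit" message would also make a report from a reduced rule set recognisable as partial. As a style point, `['time']` uses single quotes where every other key uses double quotes.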