Network Advisor collects configuration information from every security-related device on the enterprise, correlates the information, and tells you where you need to change an incorrectly configured device. This is enterprise-wide security peace of mind in a box.

Network Advisor is in its glory when you need to use it to manage tens or hundreds of thousands of rules and access control lists (ACLs) on large, complicated networks. These networks have multiple paths between secure segments and between public networks and secure segments.

Back channel connections from inside the protected network to the public internet pose a serious risk to the enterprise. These back channels can develop due to someone configuring a device contrary to policy on purpose - usually for some perceived personal convenience, such as remote access to the user's work computer - or due to an erroneous configuration. Given the number of rules and ACLs that must be analyzed in order to ferret out these erroneous configurations, some centralized form of correlation and analysis is necessary. That is where Network Advisor comes into the picture.

In addition to evaluating the intranetwork paths and the rule sets and ACLs that manage them, Network Advisor evaluates both ingress and egress paths to and from the enterprise, as well as to and from external, untrusted networks, such as the internet. The egress analysis is extremely important when evaluating the potential for data leakage and possible sources within the enterprise.