asprom: assault profile monitor
asprom is a firewall compliance scanner.
You define a profile of which services your network(s) should offer to users. The scanner automatically and regularly portscans your networks using nmap and reports any aberrations from the defined profile.
This functionality can be used to ascertain PCI-DSS, BSI-Grundschutz or DIN 27001 compliance of stateful firewalls.
Don’t be afraid – it is easily installed, very user-friendly and doesn’t require any knowledge besides basic tcp/ip concepts :-)
More info on its home page: http://www.asprom.de