Firewall Management EssentialsBy Mike Rothman
We all know and love the firewall. The cornerstone of every organization’s network security defense, firewalls enforce access control policies and determine what can and cannot enter your network. But, like almost every device you have had for a while, you take them for granted and perhaps don’t pay as much attention as you need to. Until a faulty rule change opens up a hole in your perimeter large enough to drive a tanker through. Then you get some religion about more effectively managing these devices.
Things are getting more complicated as next-generation functionality brings a need to define and manage application policies; new devices and infrastructure evolution make it difficult to know what is allowed and what isn’t. The issues around managing firewalls can be summed up in an excerpt from our newest paper:
Like a closet in your house, if you don’t spend time sorting through old stuff it can become a disorganized mess, with a bunch of things you haven’t used in years and no longer need.
This metaphor fits the firewall like a glove, so we decided to get back to our network security roots to document the essentials to automating management of firewalls. We explain the need for a strong automated change management process, the importance of optimizing the rule base, and the benefits of managing access risk. It should serve as a good primer on how to improve the operational excellence of your network security controls.
We would like to thank Firemon for licensing the research and supporting what we do.
You cannot get rid of firewalls, and if anything their importance is increasing daily. So you might as well get better at managing them, and that’s what this research is all about.
Download: Firewall Management Essentials