Anyone managing their corporate firewalls without the use of
modern analysis tools is committing security malpractice.
Every good security program starts with firewalls and the
ability to control network access to critical resources. However, firewalls are only as effective as
the set of rules defining communication access policies. While it is easy to
know when firewalls block legit access to applications - users call up the
service desk and complain - the bigger problem is that it is nigh impossible to
detect when firewall rules inadvertently create broad access to your network.
The risk of enticing security incidents via gaping holes in
your network security is just too great to ignore. Ferreting out holes in your
firewall security requires a thoroughness and attention to detail that only an
automated product can provide. It is just asking too much of your best security
expert to find errors of omission and to prove negatives.
The good news is that firewall analysis tools are mature and
effective. While they are first and foremost security products, you will
also find many time-saving benefits when managing complex applications,
network reconfigurations, and evolution to virtualized data centers. Any of the
primary vendors will have references that you should talk with to better
understand the benefits.
There are some fine firewall analysis products out there
including (alphabetically) AlgoSec, FireMon, SolarWinds, and Tufin. RedSeal and Skybox
provide more network path analysis, but are also worth knowing about. If you
have any degree of network complexity, then go get one of these tools now. Consider
it an always-on rule.