Wednesday, April 1, 2015

RSA is approaching - check out firewall analysis vendors

Anyone managing their corporate firewalls without the use of modern analysis tools is committing security malpractice.

Every good security program starts with firewalls and the ability to control network access to critical resources.  However, firewalls are only as effective as the set of rules defining communication access policies. While it is easy to know when firewalls block legit access to applications - users call up the service desk and complain - the bigger problem is it is nigh impossible to detect when firewall rules inadvertently create broad access to your network .

The risk of enticing security incidents via gaping holes in your network security are just too great to ignore. Ferreting out holes in your firewall security requires a thoroughness and attention to detail that only an automated product can provide. It is just asking too much of your best security expert to find errors of omission and to prove negatives.

The good news is that firewall analysis tools are mature and are effective. While they are first and foremost security products, you will find many time saving benefits in helping you manage complex applications, network reconfigurations, and evolution to virtualized data centers. Any of the primary vendors will have references that you should talk with to better understand the benefits.

There are some fine firewall analysis products out there including (alphabetically) AlgoSec, FireMon, Solarwinds, and Tufin. RedSeal and Skybox provide more network path analysis, but are also worth knowing about. If you have any degree of network complexity, then go get one of these tools now. Consider it an always-on rule. 

No comments:

Post a Comment