The Firewall Policy Hangover: Alleviating Security Management Migraines

980 views
808 views

Published on

The Firewall Policy Hangover: Alleviating Security Management Migraines provides a brief history of the evolution of firewalls, examines how complexity leads to misconfiguration risk and concludes with a discussion on firewall policy management best practices and real-life lessons learned. Additionally, this presentation shares research from “The State of Network Security 2012” that examines:
• the challenges of managing network security policies
• the impact of changing business requirements
• the benefits and limitations of emerging firewall technology

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
980
On SlideShare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
16
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

The Firewall Policy Hangover: Alleviating Security Management Migraines

  1. 1. The Firewall Policy Hangover:Alleviating Security Management Migraines
  2. 2. The Complex Maze of Network Security Policies Challenge #1 30% Manual, Time-Consuming ProcessesSource: State of Network Security, AlgoSec, 20122
  3. 3. The Complex Maze of Network Security Policies Challenge #1 30% Manual, Time-Consuming Processes Challenge #2 22% Lack of Visibility into Security PoliciesSource: State of Network Security, AlgoSec, 20123
  4. 4. The Complex Maze of Network Security Policies Challenge #1 30% Manual, Time-Consuming Processes Challenge #2 Challenge #3 22% 16% Lack of Visibility into Poor Change Security Policies Management ProcessesSource: State of Network Security, AlgoSec, 20124
  5. 5. The Complex Maze of Network Security Policies5
  6. 6. Complexity Increases Misconfiguration Risk Firewall risk survey Small is Beautiful Risk versus complexity Firewalls are Misconfigured 42%Source: Firewall Configuration Errors Revisited, Avishai Wool6
  7. 7. Fast & Furious Firewall Changes… Can You Keep Up?• 20-30% of changes are unneeded• 5% implemented incorrectly7
  8. 8. An Out-of-Process Change Has Lead to… More than 50% of respondents said out-of- band changes cause a system outage 60.0% 50.0% 40.0% 30.0% 20.0% 10.0% 0.0% Data breach System outage Failing an audit None of the aboveSource: State of Network Security, AlgoSec, 20128 8
  9. 9. New Technologies Add to the Complexity • Virtualization of the Data Center • Next-Generation Firewalls9
  10. 10. Why Next-Generation Firewalls?Traditional firewalls cannot tell thedifference between different… and10
  11. 11. Better Security… At a Price 76% of respondents said NGFWs increase burden of managing firewall policies The added policy We have a granularity requires centralized- more info to gather management for audits solution and/or process The additional controls of NGFWs We have to manage create additional NGFW policies policies that must separately from be managed traditional firewall policiesSource: State of Network Security, AlgoSec, 201211 11
  12. 12. NGFW Policy Considerations Whitelisting Blacklisting More secure Less overhead & disruption BUT… BUT… VS. More work Less Secure12
  13. 13. NGFW Policy Considerations Whitelisting Blacklisting More secure Less overhead & disruption BUT… Or Both! VS. BUT… More work Less Secure13
  14. 14. The AlgoSec Security Management Suite (SMS) Business Impact • 60% reduction in change management costs • 80% reduction in firewall auditing costs • Improved security posture • Improved troubleshooting and network availability • Improved organizational alignment and accountability14
  15. 15. Best Practices to Alleviate the Firewall PolicyManagement Migraine
  16. 16. Complex, Highly Segmented Network Environment• Network has Evolved Over 20 Years • Third-party domains • Business-to-business connections • More than 1,000 policy enforcement points • Mergers and Acquisitions • Aggressive consolidation• Firewall Estate Growing in Size and Complexity • Demonstrate firewall rules are still valid and authorized • Ensure new rules are not allowed unless approved and authorized • Technology landscape has shift • Web-everything – lack of consistency 16
  17. 17. How Has BT Overcome these Challenges?• Identified and Prioritized Criteria for Off-the-Shelf, Automated Firewall Policy Management Solution • Total Cost of Ownership • Roadmap of features aligned to technology strategy • Engagement - Willingness to Partner with BT• Improved Network Security Visibility and Control • Track down rogue connectivity or connectivity that was not understood • Gain an immediate view of high-risk situations • Reduce cycle-time and error rates • Improve rule base implementation process • Simplify audits through automatically generated compliance reports • ‘Checks and Balances’ to demonstrate control 17
  18. 18. Lessons Learned and Recommendations• Gain Control - complexity leads to weakness and cost• Stale Process drives poor behavior• Consider the culture of the company• Easy to grow the rule base – much harder to shrink it• Human error is a significant risk and cost• Risk and compliance reporting to focus attention• Leverage value from the toolset• Utilize automation and control to improve security, not just cut cost18
  19. 19. Summary
  20. 20. Q&A and Additional Resources• 2012 State of Network Security – Report http://www.algosec.com/en/resources/network_security_2012• Firewall Configuration Errors Revisited (Research by Prof. Avishai Wool) http://arxiv.org/abs/0911.1240• Firewall Management ROI Calculator http://www.algosec.com/resources/roi_calculator/• Evaluate the AlgoSec Security Management Suite AlgoSec.com/eval20
  21. 21. Security Management. Made Smarter.www.AlgoSec.comConnect with AlgoSec on:

×