Are firewalls sexy? No…but you must understand that they’re an integral part of your overall information risk equation. From configuration flaws to rulebase anomalies to overall system inefficiencies, your firewall rulebases can make or break security, business continuity and other critical parts of your IT operations.
Last week, AlgoSec’s Nimmy Reichenberg and I recorded a webinar titled How to Automate Firewall Operations, Simplify Compliance Audits and Reduce Risk that you may want to check out. It’s not salesy or filled with marketing fluff. It’s more of us having a conversation about some common firewall security and management oversights and what needs to be done to rein in the problems.
I’m a believer in firewall rulebase optimization. I’ve seen mis-managed and undersecured firewalls do everything from take down an entire enterprise’s operations for hours on end to making critical network flaws open to the outside world. I’m working on such projects right now and I’m pretty sure every network – every firewall – that hasn’t been properly reviewed and that isn’t being properly managed has these same risks present at this very moment.
Check out our discussion and see if you think there’s a fit for better firewall oversight in your enterprise.You can’t change what you tolerate in IT…acknowledge the issues that are hidden in your environment and vow to do something about them once and for all.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”