2014 Budget Priority: Firewall Management

The calendar now shows November and leaves are blanketing the ground – two signs that the end of the year is upon us.  This means reviewing how your organization performed during 2013 – any data breaches or failed audits? How quickly were access requests responded to? – and then deciding what to focus on, and budget for, in 2014.

The strategic role that firewalls play in today’s network security architecture, especially as they evolve to include next-generation features, makes addressing firewall management issues a critical short-term need – and a top candidate for 2014 investment. Firewall management systems are the only way to have single pane of glass visibility into every firewall in your network and their operational benefits are many:

– Automating Change:

It all starts with a strong change management/workflow process. Effectively managing firewall change requests includes ensuring proper authorization for the change, evaluating the change for new attack paths, auditing of all changes, and the ability to roll back if there is a problem.

– Optimizing Rules:

It’s important to keep the rule set secure and optimized by defining network topology and identifying ingress and egress points to prioritize rules sets and identify potential weaknesses, like shadowed rules. Complexity increases when migrating from ports and protocol-based firewalls to application-aware NGFW.

– Controlling Risk:

Staying on top of security posture and minimizing attack surface must be done on a continuous basis. As firewall policy changes are considered, based on new devices, locations, or application changes, it’s important to quantitatively assess how these changes can impact security posture and attack surface and looking at alternatives if the risk is too great.

For additional reading to help you build your budget case, see our white papers on  “The Top 5 Myths of Data Breaches,” “Firewall Management Essentials” and our Customizable Purchase Justification Template.