Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy!
The number of devices in most security networks isn’t decreasing. In fact, many large enterprise networks add dozens of new devices every year. Each device contains an immense amount of data that can be vital to the security of the organization. But collecting data is only useful if you can easily access, process, analyze and share it with others.
For years, firewall managers have been required to justify why a firewall rule was added to the rule base. In the past, lots of us met that requirement by putting the change control ticket number in the “comments” column of the rule. That method worked for a while, but now that regulations like PCI and NERC require firewall managers to produce the full documentation multiple times a year, we need a new answer – one that does not require days of manpower. One that will survive the next time we change ticket systems (and yes, we will change ticket systems… again).
As security professionals, we don’t hold the responsibility for the risk that any access poses, the business leaders do. But we are responsible for advising on risks that are incurred and presenting the information on why our risk posture is the way it is.
So, explaining our access in terms that the business can understand is critical. If all that we know is a technical definition (like some internet IP address has access to some internal server using SSH), we don’t know very much. But, if we capture the justification for why that rule was put in, then we know “a consultant needs remote access to patch a critical application vulnerability.”
The second example shows the information our businesses need to make good risk decisions. It also gives us the information we need to ask the right technical questions, like, “Does that consultant still require access?”
Spreadsheets & Databases Don’t Work
I know a lot of companies have been documenting their firewall rules with spreadsheets and databases. Those are good point solutions, but they don’t scale for two big reasons: the rules move around, and the updates are still manual.
Firewall rules move, so tracking them based on rule number or position does not work. If you’ve tried this and created documentation, and then revisited that documentation a month later, you can barely recognize the work because the rule base has changed so drastically.
The manual nature of spreadsheets and databases is problematic as well. Updates are often made as an afterthought at end of the change process. These manual updates are difficult to enforce as integral parts of the change process, and so they remain inconsistent afterthoughts.
FireMon knows that good documentation is the cornerstone of firewall management. Making a decision about when to keep access in place or take it out is rarely a purely technical decision. Easily and quickly knowing who that access supports and what the access is providing is the basis for making any good decision.
FireMon’s solution integrates with the appropriate data sources (like change management and vendor administration tools) so that you can create documentation naturally, inside of a normal business process. It tracks the rules as they move up and down the rule base and keeps the documentation tagged to the right rule. And it fully reports on the data, including identifying those changes that were not documented.
From my experience, spreadsheets can’t fully report on anything. If yours can’t either, learn more about FireMon’s rule documentation capabilities at http://www.firemon.com/ruledocumentation.aspx.
So you’ve purchased a new firewall. Now what?
You’ve got to decide which access is allowed, which isn’t allowed and whether or not rules are compliant with internal and regulatory standards.
Things are running along smoothly and then the dreaded “change.” A user submits a new access request and the fun begins. Is this access necessary? Safe? Compliant? And what happens when it’s time to retire unused rules?
How Effective Security Management Can Help Teams Cover the Exponentially Increasing Gap between Technology & the Resources Available to Manage It
Security teams today are under tremendous pressure due to the rising frequency and impact of breaches and a business that wants to move faster and faster. The answer to both of these challenges has always been to add more technology and staff resources.
However, each new technology added creates complexity. More rules are created and more data is generated. As networks continue to evolve, this complexity will only grow. And while staff resources may increase, they will never match the exponential growth of technology.
FireMon calls this phenomenon The Complexity Gap and has set out to help security teams close it.
Join us for this webinar with Frost & Sullivan where we’ll explore the causes of “The Gap” and how workforce multipliers such as intelligence and automation help staff manage their security more efficiently and more effectively.
En la actualidad, uno de los retos principales es preparar las redes de seguridad, no sólo para enfrentar las amenazas, sino también para enfrentar los cumplimientos. El día 26 de enero se publicó en el Diario Oficial la LEY GENERAL DE PROTECCIÓN DE DATOS PERSONALES EN POSESIÓN DE SUJETOS OBLIGADOS.
¿Está tu red preparada?
¿Cuentas con los procesos necesarios para el cumplimiento?
En esta era digital los datos personales de nuestros clientes y proveedores pasan por una red y se almacenan en una base de datos. Éstos, por ley, deben protegerse por medio de sistemas y procesos. Uno de los objetivos de esta ley es establecer las condiciones de tratamiento de datos personales y fomentar la cultura de protección.
La Ley de protección de datos es mucho más que un simple aviso de privacidad; esta ley describe derechos y obligaciones que de incumplirse pueden ser penalizados. Asiste a este Webinar para conocer más y prepararte. Te mostraremos:
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.