
Preventing Security Misconfigurations: Change Management and Compliance

It’s an enormous and unending daily challenge to make sure that changes to firewall policies are not only executed quickly and efficiently but also don’t decrease the security of your network. Changes, such as those made for an internal client requesting access, can lead to slowdowns or outages if they are not executed perfectly, or can even leave mistakes that hackers exploit in the form of breaches.

It’s already an arduous task to manage changes and additions to things like firewall rules, network and service objects, and users, and even to keep up with basic configuration settings. And honestly, right now, how do you keep up with the latest compliance standards that your network security team just rolled out, when you know that not all rules even have the right comments in them? Or worse, the changes you’re about to put in could allow a hacker to exploit a new vulnerability that just appeared this week. There’s just too much to try to manage in your team’s head.

Even with a well-established change management policy, this is such a sure recipe for mistakes that their occurrence is not just understandable, it’s virtually inevitable. 

Unfortunately, mistakes put your network and your assets at risk. Through the next several years, Gartner says that misconfiguration errors will be responsible for 99% of all firewall security breaches.

In short, these inevitable misconfigurations and rule errors can have serious consequences for your business. That leads to an important question: Does your network security software help you identify rule or configuration changes that do not meet your compliance standards, and thereby allow you to remediate them promptly, before they can cause harm? 

For example, does your network security policy management solution allow you to quickly and easily:

  • Create search queries to identify existing rules (or network or service objects) that are affected by a pending policy or configuration change – and export the resulting list to share with team members for remediation?
  • Convert the search terms into a control for use in ongoing security assessments in any of multiple categories (Allowed Services, Device Properties and Status, Service Risk Analysis and more), apply the assessment or control to specific elements or devices within your network, and even write remediation instructions in the event of a failure?
  • Ensure that any failed controls are automatically flagged in customized reporting – in real time – with device and other relevant details, prioritized by severity?
  • Visually review compliance across your entire enterprise with a matrix of sources and destinations (data centers, cloud zones, external and internal connections and more) to see at a glance which destinations are accessible from which sources, and whether each possible route meets compliance policies or is even governed by one?

These kinds of security-friendly capabilities are critical in helping you prevent misconfigurations and rule errors from creeping into your network, remaining undetected and unremediated, and introducing potentially serious security risks.
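The workflow in the list above (a saved search turned into a control, scoped to specific devices, with failures reported by severity and paired with remediation text) can be sketched as follows. This is an added example, not FireMon's code or API; the rule fields, control names, risky-service list and sample rules are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Callable

# Constructed sample rules; the field names are assumptions, not a vendor export format.
RULES = [
    {"device": "fw-edge-01", "id": 10, "src": "any", "dst": "10.0.5.20",
     "service": "tcp/3389", "action": "allow", "comment": "CHG-1001 vendor access"},
    {"device": "fw-edge-01", "id": 20, "src": "10.1.0.0/16", "dst": "10.0.5.0/24",
     "service": "tcp/443", "action": "allow", "comment": ""},
    {"device": "fw-core-02", "id": 5, "src": "10.2.0.0/16", "dst": "any",
     "service": "any", "action": "allow", "comment": "temp"},
    {"device": "fw-core-02", "id": 6, "src": "any", "dst": "10.0.9.9",
     "service": "tcp/23", "action": "deny", "comment": "CHG-0990 block telnet"},
]
RISKY_SERVICES = {"tcp/23", "tcp/3389"}  # assumed policy list

@dataclass(frozen=True)
class Control:
    name: str
    severity: int                      # 1 is most severe
    violates: Callable[[dict], bool]   # the saved search: True when a rule fails
    remediation: str
    devices: frozenset = frozenset()   # empty set means every device

def is_allow(rule):
    return rule["action"] == "allow"

CONTROLS = [
    Control("any-service allow", 1,
            lambda r: is_allow(r) and r["service"] == "any",
            "Restrict the rule to the ports the requester needs."),
    Control("risky service from any source", 1,
            lambda r: is_allow(r) and r["src"] == "any" and r["service"] in RISKY_SERVICES,
            "Limit the source addresses or remove the rule."),
    Control("comment lacks change ticket", 3,
            lambda r: not r["comment"].startswith("CHG-"),
            "Add the change ticket reference to the comment.",
            frozenset({"fw-edge-01"})),
]

def assess(rules, controls):
    """Return (severity, device, rule id, control, remediation) tuples, worst first."""
    findings = [(c.severity, r["device"], r["id"], c.name, c.remediation)
                for c in controls for r in rules
                if (not c.devices or r["device"] in c.devices) and c.violates(r)]
    return sorted(findings)

if __name__ == "__main__":
    for finding in assess(RULES, CONTROLS):
        print(*finding, sep=" | ")
```

Rule 5 on fw-core-02 has no ticket in its comment but is not reported for it, because that control is scoped to fw-edge-01. The telnet rule passes the risky-service control because its action is deny.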

Check out this demo to see how effective use of network security software capabilities can streamline compliance reviews and improve your security posture. 

The important take-away is to understand how a security solution can help your team more effectively reduce security misconfigurations and better protect your enterprise. And you may learn some tricks you can apply to your current security solution to help your team work more effectively and efficiently. 
