Nearly two-thirds (65 percent) of IT security pros would be grounded in some capacity for the messy state of their firewall rules. Of those, over half or one-third of the total said that if their firewall rules were a teenager's room, Mum would be so angry that they'd be grounded for life.
New research from FireMon was collected at InfoSecurity Europe last month from 300 IT security professionals. The results revealed that 32 percent claimed that they had inherited over half of the rules they manage from a predecessor and a quarter of security pros confessed to being afraid to turn off rules put in place prior to them managing them. Furthermore, 72 percent use two or more firewall vendors within their IT environments.
FireMon offered some tips on how to tidy up a firewall policy:
Step 1: Remove technical mistakes – A hidden rule, which includes redundant and shadowed rules serving no legitimate business purposes and can be removed.
Step 2: Remove unused access – Analyse and correlate the active policy against the network traffic pattern.
Step 3: Review, refine and organise access – Determine if rules are justified against a defined business requirement and analyse the need vs risk acceptance for the rule.
Step 4: Continual policy monitoring – Have real-time change event monitoring and alerting and real-time audit reporting to know when a violation of your security policy has occurred.