Firewall Rules Analysis and Optimisation
Firewall policies are in a constant state of flux to meet constantly changing enterprise needs. Firewall administration teams in large organizations often process dozens of rule additions and changes daily. This continuous change causes the firewall configuration to grow dramatically over time. A huge and subsequently complex firewall configuration is hard to manage and may require lengthy research in order to add or change a rule. Moreover, the complexity of the configuration decreases the firewalls performance and may lead to potential security breaches.
Finding unused rules that have not matched any traffic, duplicate rules, and rules that are covered by other rules is a complex manual task for the firewall administrator. It may take days of investigating just to locate such rules in huge firewall configurations, while at the same time the firewall is continuing to change daily due to user requests.
Benefits
Firewall policies are in a constant state of flux to meet constantly changing enterprise needs. Firewall administration teams in large organizations often process dozens of rule additions and changes daily. This continuous change causes the firewall configuration to grow dramatically over time. A huge and subsequently complex firewall configuration is hard to manage and may require lengthy research in order to add or change a rule. Moreover, the complexity of the configuration decreases the firewalls performance and may lead to potential security breaches.
Finding unused rules that have not matched any traffic, duplicate rules, and rules that are covered by other rules is a complex manual task for the firewall administrator. It may take days of investigating just to locate such rules in huge firewall configurations, while at the same time the firewall is continuing to change daily due to user requests.
Benefits
- Optimized Performance eliminates clutter by identifying duplicated, disabled, expired, and unused rules and objects and provides guidance for rule reordering.
- Saves time, and money by enabling IT operations to avoid unnecessary changes, avoid introducing clutter and avoid introducing potential risks.
- Enhanced Management maximizes efficiency by enabling Queries across multiple firewall platforms and multiple firewalls verifying that changes are necessary, that business processes will not be impacted by changes and allows IT to easily troubleshoot disruptions.
- Improved Change Management optimizes workflow by offering “what if” analysis across firewall platforms, before implementing change requests.
- Ensured Regulatory Compliance aligns configurations with standards: SOX, PCI-DSS, ISO 27001, ISO 27001, HIPAA, FISMA, IAVA, Cyber Security Standards (CIP), Basel II, and NIST 800-41.
- Deep Risk Analysis automatically maps topology and identifies the most serious threats based on industry best practices, prioritizes subsequent risks and offers guidance on what and how to remediate.
- Automated Assessment and Compliance generates automatically populated per firewall compliance reports, assuring continued adherence to internal corporate policies and external regulatory standards.
- Continuous Security Audit provides complete audit trail and replaces error prone manual task to ensure configuration is aligned with policy.
- Offline Web Interface provides offline policy store delivering unprecedented visibility and insight to ensure current configurations match mandated policies and continuous firewall rule changes