DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 32, Issue 2

Full Contents Now Available!

Monday, 08 April 2019 15:59

Don’t go once more unto the breach: fix these policy configuration mistakes

It may not be the most interesting aspect of protecting your business but optimizing policy configuration for firewalls and other security devices is an important consideration. Asher Benbenisty examines four common security policy errors, and shows how organizations can avoid them.

As security threats become more and more advanced, managing your network’s defences / defenses correctly has never been more critical.  The effectiveness of firewalls and other security devices depends on the security policies which control how they operate.  These policies, which can comprise tens or even hundreds of thousands of firewall rules, dictate what traffic is blocked, what is allowed, and where it’s allowed to go to enable security, ensure compliance and drive business productivity. 

It’s increasingly challenging to maintain these policies, so that the needs of the business are optimally balanced with the need to limit risk and be as secure as possible. In most organizations, business applications are being introduced or changed rapidly, to support more users or new functionality.  Organizations are also moving to virtualized and cloud infrastructures, which introduce new security controls and connectivity flows that must be managed if business applications are to remain secure and compliant at all times.  As such, it’s no surprise that Gartner estimates that 99 percent of firewall breaches are the result of simple misconfigurations. 

So, what are the most common and harmful misconfigurations that can creep into firewall rulesets and security policies? Let’s take a look at some of the most prevalent, and what can be done to avoid them.