Sweating Your IT Assets – Look No Further Than Firewall Rules for Real Savings

There’s no denying that IT budgets are currently being squeezed harder than ever before; “sweating your existing assets” and “doing more with less” have been the industry’s watchwords for some time. Against this background, routine maintenance tasks such as analysing your firewall’s rule base seem totally unrelated to “doing more with less”. But reviewing your rule base is one of the most cost-effective ways to improve your overall system’s performance: done effectively, it can give you as much as a 30% performance improvement.

Reviewing and cleansing firewall rules is often overlooked or ignored, particularly as a regular maintenance activity: in a recent survey of IT security professionals, more than 50% admitted that their firewall rules were “a mess”. After implementing a firewall, most organisations continuously add, amend and update rules, but few check on a regular basis that they’re still relevant, appropriate and required. As a result, IT departments can be unwilling to review or amend the rule base; often they have (rightly) concerns that deleting or amending any rule may leave them vulnerable to security threats. Additionally, administrators need to be able to identify conflicting rules, which can create security vulnerabilities of their own, and overlapping rules.

Often, the rule base is only cleansed because new rules need to be added and there simply isn’t any more capacity left to accommodate them. A typical firewall can function very effectively with a rule base of around 100 lines, yet it’s not uncommon for them to have at least 500 rules and in some cases many thousands. Over time, the rule base evolves into an extremely bulky linear list which, far from assisting, can clog and slow down a system’s performance and create a bottleneck on the network.
It’s not difficult to understand the loss in performance if every item passing through a firewall has to be checked against a lengthy set of rules, many of which are outdated, have been superseded or are no longer relevant.

Given the complexity and age of many rule bases, it’s understandable that IT departments have real concerns that deleting or shutting off specific rules may create more problems than it solves. But this needn’t be as complicated or as difficult as expected: there are now rule-base analysis packages available, such as Tufin’s SecureTrack, which can show what will happen when individual rules are changed or deleted. This kind of software can be particularly useful when upgrading to a new firewall, as it allows users to cleanse their rule book and then apply only the relevant rules to the new firewall, ensuring that it works at optimum efficiency.

If a new firewall isn’t an option, there are several other ways in which reviewing your rule base can improve your systems’ performance: ordering your rules so the most important ones are at the top of the list will give a significant improvement in response times. Additionally, some rules (such as those which allow inbound traffic from the Internet, where the “source” address is ‘any’) are targeted more often than others for security breaches. Identifying these rules and then ensuring that they’re 100% watertight will reduce your risk of a security breach.

There’s another key reason to review firewall rules more frequently: audit and compliance. Companies operating in certain industries, particularly retailing, financial services and healthcare, are increasingly being asked to provide assurances, and are audited accordingly, that they operate within the remit of industry guidelines and legislation such as the PCI DSS (data security standards) and Sarbanes-Oxley. An up-to-date, regularly maintained rule base for a firewall is an intrinsic part of providing the necessary audit trail and compliance information.
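The review steps described above (finding rules that are overlapped or contradicted by an earlier rule, flagging allow rules whose source is ‘any’, and moving the busiest rules towards the top of the list) can be scripted against an exported rule base. The script below is an added example, not code from the article, from Tufin or from any firewall vendor. The rule format, the constructed sample rule base and its hit counts are assumptions, and it assumes first-match, top-to-bottom evaluation. It goes one step beyond the article’s advice on ordering: rules are sorted by hit count only where that cannot change the firewall’s decisions, i.e. two overlapping rules with different actions keep their relative order.

```python
"""Static checks over a firewall rule base (constructed example, not vendor code):
shadowed and conflicting rules, risky 'source any' allow rules, and a hit-count
reorder that preserves first-match semantics."""
from dataclasses import dataclass
from ipaddress import ip_network

ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    src: str      # source CIDR or "any"
    dst: str      # destination CIDR or "any"
    proto: str    # "tcp", "udp" or "any"
    port: object  # destination port number or "any"
    hits: int = 0  # hit counter as exported from the firewall's statistics


def _net(cidr):
    return ANY if cidr == "any" else ip_network(cidr)


def _field_subset(inner, outer):
    """True when scalar field value `inner` is contained in `outer` ('any' = everything)."""
    return outer == "any" or inner == outer


def covers(outer, inner):
    """True when every packet matched by `inner` would also match `outer`."""
    return (_net(inner.src).subnet_of(_net(outer.src))
            and _net(inner.dst).subnet_of(_net(outer.dst))
            and _field_subset(inner.proto, outer.proto)
            and _field_subset(inner.port, outer.port))


def overlaps(a, b):
    """True when at least one packet could match both rules."""
    return (_net(a.src).overlaps(_net(b.src))
            and _net(a.dst).overlaps(_net(b.dst))
            and (a.proto == b.proto or "any" in (a.proto, b.proto))
            and (a.port == b.port or "any" in (a.port, b.port)))


def find_shadowed(rules):
    """A rule fully covered by an earlier rule can never fire. Same action: it is
    'redundant' (dead weight). Different action: it is a 'conflict' the admin must
    resolve, because the later rule's intent is silently never applied."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "conflict"
                findings.append((later.name, earlier.name, kind))
                break
    return findings


def find_risky(rules):
    """Allow rules with source 'any' expose their destination to the whole Internet;
    these are the rules the article says to make 100% watertight."""
    return [r.name for r in rules if r.action == "allow" and r.src == "any"]


def prune_redundant(rules):
    """Drop rules covered by an earlier rule with the same action: under first-match
    evaluation removing them changes no decision, so this is the safe cleanup."""
    dead = {name for name, _, kind in find_shadowed(rules) if kind == "redundant"}
    return [r for r in rules if r.name not in dead]


def reorder_by_hits(rules):
    """Move busy rules up without changing what the firewall decides. Overlapping
    rules with different actions must keep their relative order; everything else is
    free to move. Implemented as a topological sort that always emits the
    highest-hit rule whose predecessors are already placed."""
    n = len(rules)
    must_precede = {i: set() for i in range(n)}  # j in must_precede[i] => j stays before i
    for i in range(n):
        for j in range(i):
            if rules[i].action != rules[j].action and overlaps(rules[i], rules[j]):
                must_precede[i].add(j)
    placed, order = set(), []
    while len(order) < n:
        ready = [i for i in range(n) if i not in placed and must_precede[i] <= placed]
        best = max(ready, key=lambda i: rules[i].hits)  # ties keep original order
        order.append(rules[best])
        placed.add(best)
    return order


# Constructed sample rule base (addresses, ports and hit counts are made up).
RULES = [
    Rule("r1", "allow", "10.0.0.0/8", "10.1.2.3/32", "tcp", 22, hits=120),
    Rule("r2", "deny", "any", "10.1.2.3/32", "tcp", 23, hits=500),
    Rule("r3", "allow", "10.2.0.0/16", "10.1.2.3/32", "tcp", 22, hits=0),      # covered by r1
    Rule("r4", "allow", "any", "10.1.2.10/32", "tcp", 443, hits=9000),       # inbound from anywhere
    Rule("r5", "allow", "192.168.1.0/24", "10.1.2.3/32", "tcp", 23, hits=0),  # contradicted by r2
    Rule("r6", "deny", "any", "any", "any", "any", hits=40000),             # clean-up rule
]

if __name__ == "__main__":
    print("shadowed:", find_shadowed(RULES))
    print("risky   :", find_risky(RULES))
    print("order   :", [r.name for r in reorder_by_hits(prune_redundant(RULES))])
```

Note that the clean-up deny-all rule stays last despite having the most hits: it overlaps every allow rule with a different action, so hoisting it would change the firewall’s behaviour. The conflict on r5 is reported rather than fixed, because only the administrator can decide whether the earlier deny or the later allow reflects the intended policy.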
Reviewing your rule base may not be the most exciting activity, but given the tools now available and the obvious upside for performance, it may be one of the most effective ways to achieve that much-heralded goal of doing more with less.

Author: Nick Garlick, managing director, Nebulas Solutions Group
July 2009