With Halloween next week, it’s a good time to ask yourself: is my network haunted?
No, we’re not talking about whether or not you believe in the supernatural. Rather, let’s focus on an aspect of network security management that is often neglected – old, obsolete and duplicate firewall rules and policies.
In today’s dynamic cyber landscape, where firewall rules are added and updated on a daily or even hourly basis, it is all too easy for security policies to become unnecessarily bloated and cluttered.
Security policy bloat happens because network security engineers are afraid to remove policies ‘just in case’ – just in case they are needed again, just in case they are used by another application, or just in case their removal could inadvertently cause an outage.
As a result you often end up with duplicate rules, unnecessary rules, or rules that are now obsolete because they previously belonged to a decommissioned application. Just like the shadowy figure in the classic ghost stories, these rules are often overlooked – but they can make their presence felt in some unpleasant and potentially dangerous ways.
Overly large security policies don’t just add complexity to daily tasks such as change management, troubleshooting and auditing. They can also degrade the performance of your firewall appliances, shorten the hardware’s lifespan and increase total cost of ownership (TCO). Obsolete security rules left over from decommissioned applications are even more sinister: they can leave holes in your network perimeter, which cybercriminals may exploit to access your network.
Clearly, security policy bloat is a complex burden for network security managers, and it potentially introduces significant security risks as well as performance problems. But safely removing rules is not always easy, and there is always the risk that you may cause an application outage by doing so.
So what steps can you take to safely exorcise these ghost rules lurking in your firewalls? Here’s a five step process for reducing security policy bloat:
Going forward, it’s far more effective and efficient to maintain policy hygiene by proactively and intelligently designing each rule change – thus reducing the possibility of bloat occurring in the first place. Using an automation solution to manage security will significantly speed up this process, reduce the number of mistakes and the associated risks, and enable you to remain secure and compliant at all times.
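As an added illustration of both points above (finding the duplicate, shadowed and obsolete rules already lurking in a policy, and checking a new rule before it is added), here is a small policy hygiene script. It is example code written for this page, not code from the original post or from any firewall vendor or product. The rule format, the sample rule set, the 90-day staleness threshold and the list of decommissioned subnets are all constructed assumptions; a real check would read exported rules and hit counters from the firewall. Rules are evaluated in first-match order, so a later rule fully covered by an earlier one can never fire, whatever its action.

```python
"""Firewall policy hygiene checks: duplicate, shadowed, stale and orphaned rules.

Added example, not code from the original post or any vendor. The rule format,
the sample rules, the 90-day threshold and the decommissioned subnet list are
constructed assumptions for illustration only.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from ipaddress import ip_network
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    name: str
    src: str                  # CIDR, e.g. "10.0.0.0/8"
    dst: str                  # CIDR
    port: str                 # "any", "tcp/443" or "tcp/1000-2000"
    action: str               # "allow" or "deny"
    hits: int                 # hit counter as exported from the firewall
    last_hit: Optional[date]  # None if the rule has never matched


def _port_range(spec: str) -> Tuple[str, int, int]:
    """Parse "any" / "proto/port" / "proto/lo-hi" into (proto, lo, hi)."""
    if spec == "any":
        return ("any", 0, 65535)
    proto, rng = spec.split("/")
    lo, _, hi = rng.partition("-")
    return (proto, int(lo), int(hi or lo))


def _net(cidr: str):
    return ip_network(cidr, strict=False)


def covers(outer: Rule, inner: Rule) -> bool:
    """True if every packet matched by `inner` is also matched by `outer`."""
    if not _net(inner.src).subnet_of(_net(outer.src)):
        return False
    if not _net(inner.dst).subnet_of(_net(outer.dst)):
        return False
    o_proto, o_lo, o_hi = _port_range(outer.port)
    i_proto, i_lo, i_hi = _port_range(inner.port)
    if o_proto == "any":
        return True
    return i_proto == o_proto and o_lo <= i_lo and i_hi <= o_hi


def find_duplicates(rules: List[Rule]) -> List[str]:
    """Rules whose match fields and action repeat an earlier rule exactly."""
    seen, dups = set(), []
    for r in rules:
        key = (r.src, r.dst, r.port, r.action)
        if key in seen:
            dups.append(r.name)
        seen.add(key)
    return dups


def find_shadowed(rules: List[Rule]) -> List[str]:
    """Rules fully covered by an earlier rule (exact duplicates reported separately)."""
    dups = set(find_duplicates(rules))
    return [r.name for i, r in enumerate(rules)
            if r.name not in dups and any(covers(e, r) for e in rules[:i])]


def find_stale(rules: List[Rule], today: date, max_age_days: int = 90) -> List[str]:
    """Rules that never matched, or last matched longer ago than the threshold."""
    cutoff = today - timedelta(days=max_age_days)
    return [r.name for r in rules
            if r.hits == 0 or r.last_hit is None or r.last_hit < cutoff]


def find_orphaned(rules: List[Rule], decommissioned: List[str]) -> List[str]:
    """Rules whose source or destination lies inside a decommissioned subnet."""
    dead = [ip_network(n) for n in decommissioned]
    return [r.name for r in rules
            if any(_net(r.src).subnet_of(d) or _net(r.dst).subnet_of(d) for d in dead)]


def check_new_rule(rules: List[Rule], candidate: Rule) -> List[str]:
    """Pre-change check: existing rules that already cover the candidate."""
    return [e.name for e in rules if covers(e, candidate)]


def hygiene_report(rules: List[Rule], today: date,
                   decommissioned: List[str]) -> Dict[str, List[str]]:
    return {"duplicates": find_duplicates(rules),
            "shadowed": find_shadowed(rules),
            "stale": find_stale(rules, today),
            "orphaned": find_orphaned(rules, decommissioned)}


TODAY = date(2024, 10, 24)        # constructed "run date"
DECOMMISSIONED = ["10.9.9.0/24"]  # constructed: subnet of a retired application
SAMPLE_RULES = [                   # constructed rule set, in first-match order
    Rule("web-in",      "0.0.0.0/0",      "10.1.0.0/24", "tcp/443",  "allow", 1_000_000, TODAY),
    Rule("web-in-dup",  "0.0.0.0/0",      "10.1.0.0/24", "tcp/443",  "allow", 0, None),
    Rule("old-app",     "10.2.0.0/24",    "10.9.9.0/24", "tcp/8080", "allow", 0, None),
    Rule("admin-ssh",   "10.0.0.0/8",     "10.1.0.0/24", "tcp/22",   "allow", 50, TODAY - timedelta(days=200)),
    Rule("web-in-host", "203.0.113.0/24", "10.1.0.5/32", "tcp/443",  "deny",  0, None),
    Rule("dns-out",     "10.0.0.0/8",     "0.0.0.0/0",   "udp/53",   "allow", 99, TODAY),
]

if __name__ == "__main__":
    for kind, names in hygiene_report(SAMPLE_RULES, TODAY, DECOMMISSIONED).items():
        print(f"{kind:10s} {names}")
    cand = Rule("new-web", "198.51.100.0/24", "10.1.0.0/24", "tcp/443", "allow", 0, None)
    print("new rule already covered by:", check_new_rule(SAMPLE_RULES, cand))
```

On the constructed rule set, `web-in-dup` is reported as a duplicate, `web-in-host` as shadowed (a deny placed after an allow that already matches all of its traffic, so it never fires), `old-app` as orphaned by the retired subnet, and four rules as stale. Each list is a removal candidate, not an instruction to delete: a stale rule may belong to a quarterly batch job, which is exactly why hit counters need a window long enough to cover such cycles before a rule is retired.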
Confronting your policy poltergeists may be a scary prospect, but the chaos that they can inflict if they are allowed to freely exist on your firewalls will ultimately prove to be far more daunting. So why not exorcise the spirits of firewall rules long since forgotten this Halloween?