Trends Shmends, How about Focusing on Network Security Fundamentals?

Tis the season when everyone comes out of the woodwork to offer their top trends for the coming year. What’s the latest threat? What are the new attack vectors? And much more. However, what we continuously overlook are the good ol’ network security basics.

I recently read one of the many great quotes from the late Steve Jobs… “Simple can be harder than complex. You have to work hard to get your thinking clean to make it simple.” In the realm of network security and more specifically firewall management, this idea REALLY comes to light because we talk/hear about the sophisticated and complex threats, but we leave the fundamentals for later…

IT and security staffs are generally have too much on their plates. And it’s only getting harder with 24x7x365 service levels and with rising use of the cloud, mobility, etc. What ends up happening a lot of the time is that instead of addressing root problems, organizations find themselves falling into the inevitable trap of dealing with symptoms/issues when they arise instead of proactively addressing the root cause.

Based on some of the stats out there, roughly 90% of organizations around the globe do not automate firewall management, and 95% of all firewall breaches are caused by misconfigurations. One senior IT professional I spoke with said when he first started and asked how his organization was managing firewall changes the response was a bunch of blank stares. That paints a pretty ugly picture.

But firewall management automation can help organizations to move from complex policies and rules and siloed processes to effective and efficient ones. Let’s take a look at a few examples:

• Organizations may have tens to hundreds of firewalls from different vendors deployed throughout the enterprise that are jam-packed with thousands of unnecessary lines of rules and lack any uniform firewall change management processes. There isn’t sufficient time to go through all of these rules and many rules can introduce unnecessary risk. Automating the analysis of rules and tying into change management processes can not only “clean up” historical issues, but also provide proactive or prescriptive solutions to ensure continuous security, performance and compliance.
• Network engineers may have ownership of the company’s firewalls, but the security team still needs to be able to enforce firewall change management policies to ensure that network security is not impacted by a change. Breaking down this wall/silo that separates IT and security teams can speed up time from both teams, provide senior management the necessary visibility for compliance and busines continuity purposes.

As a firewall management vendor, it’s no surprise to hear me say that ensuring firewalls are configured properly is a very good step to getting more out of your firewalls and ensuring solid network security. But too often we leave the fundamentals for later. So in the season of “top trends” here’s to going back to basics. Happy Holidays everyone.