AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.
Categories
Search

More results...

Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Filter by Custom Post Type
Posts

Is It More Secure to Use Firewalls from Two Different Vendors?

Auditing and Compliance Firewall Migration Risk Management and Vulnerabilities Security Policy Management
by Nov 14, 2010

Gartner recently published a short research paper aimed at answering this very question. Not surprisingly, Gartner recommends standardizing on a single vendor firewall platform since “More than 95% of firewall breaches are caused by firewall misconfigurations, not firewall flaws.” This pretty much puts to bed the age-old notion that deploying firewalls from different vendors can provide better protection in case a vulnerability in one firewall is exploited.

As a vendor that develops solutions that help organizations effectively deal with the complexities of managing firewall and network security policy, we are obviously no strangers to firewall misconfiguration. Manually managing multiple firewalls and large firewall rulesets is a daunting task even in a single vendor environment, and is amplified in a multi-vendor environment.

Despite the good advice from Gartner, the need to manage multi-vendors environments isn’t going to go away. Most organizations have firewalls from multiple vendors due to mergers and acquisitions, and since companies will forever merge and acquire, standardizing on a single vendor is a moving target rather than a single concentrated effort.

In light of this companies must make sure they have:

  1. Central Firewall Policy Management for ALL Firewalls – this includes the ability to track changes, understand what the policy is allowing, identify risks and audit the network policy. Organizations should have a unified view of the firewall policy across all firewall models, even (or especially) when traffic traverses firewalls from different vendors.
  2. A Proven Process for Firewall Migration – when it’s time to consolidate your firewall estate and standardize on a single vendor, organizations must ensure they can effectively translate and compare the “old policy” to the “new policy” and ensure a smooth business transition. One high-profile business disruption or breach as part of a migration process, and all the recommendations in the world may not get you through your next migration project approval.

 

Do you think using firewalls from multiple vendors is more secure?

Subscribe to Blog

Receive notifications of new posts by email.

Our Bloggers

View all
Prof. Avishai Wool
101
Tsippi Dach
44
Asher Benbenisty
20
Kyle Wickert
20
Nitin Rajput
4
Malynnda Littky-Porath
4
Avivi Siman Tov
3
Ava Chawla
3
Adel Osta Dadan
3

Professor Wool Educational Videos

Best Practices for Amazon Web Services (AWS) Security

View all

Resources

The KuppingerCole Analyst Report

Hybrid Cloud Environments: The State of Security

See AlgoSec in Action

Network Security Policy Management Lifecycle

Learn how a lifecycle approach improves business agility, reduces risks, and lowers costs

Download

Latest Tweets

You currently have access to a subset of Twitter API v2 endpoints and limited v1.1 endpoints (e.g. media post, oauth) only. If you need access to this endpoint, you may need a different access level. You can learn more here: https://developer.twitter.com/en/portal/product

Archives

Posts