AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

Is It More Secure to Use Firewalls from Two Different Vendors?

by

Gartner recently published a short research paper aimed at answering this very question. Not surprisingly, Gartner recommends standardizing on a single vendor firewall platform since “More than 95% of firewall breaches are caused by firewall misconfigurations, not firewall flaws.” This pretty much puts to bed the age-old notion that deploying firewalls from different vendors can provide better protection in case a vulnerability in one firewall is exploited.

As a vendor that develops solutions that help organizations effectively deal with the complexities of managing firewall and network security policy, we are obviously no strangers to firewall misconfiguration. Manually managing multiple firewalls and large firewall rulesets is a daunting task even in a single vendor environment, and is amplified in a multi-vendor environment.

Despite the good advice from Gartner, the need to manage multi-vendors environments isn’t going to go away. Most organizations have firewalls from multiple vendors due to mergers and acquisitions, and since companies will forever merge and acquire, standardizing on a single vendor is a moving target rather than a single concentrated effort.

In light of this companies must make sure they have:

  1. Central Firewall Policy Management for ALL Firewalls – this includes the ability to track changes, understand what the policy is allowing, identify risks and audit the network policy. Organizations should have a unified view of the firewall policy across all firewall models, even (or especially) when traffic traverses firewalls from different vendors.
  2. A Proven Process for Firewall Migration – when it’s time to consolidate your firewall estate and standardize on a single vendor, organizations must ensure they can effectively translate and compare the “old policy” to the “new policy” and ensure a smooth business transition. One high-profile business disruption or breach as part of a migration process, and all the recommendations in the world may not get you through your next migration project approval.

 

Do you think using firewalls from multiple vendors is more secure?

Subscribe to Blog

Receive notifications of new posts by email.