AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

Making the Business Case for Firewall Policy Management: Part 4 of 4

by

So far, we’ve examined the business case for firewall policy management around the following areas:

In our final segment of this blog series, we’ll examine the value of extending hardware lifespan.

Having been deployed for several years, most firewall policies are cluttered, and contain many rules which are no longer needed by the business. In addition to increasing the likelihood of misconfiguration, this clutter negatively impacts the firewall performance, requiring the firewall to process a significant amount of rules until a rule that “matches” the traffic is found. Ultimately, organizations are required to invest in costly hardware upgrades to counteract the degradation in performance.

But what if you could optimize and clean up these cluttered policies by automatically identifying rules to consolidate (similar rules), and discovering and removing unused rules and objects, as well as shadowed, duplicate and expired rules? What if you could leverage actionable recommendations for reordering rules (i.e. rule 58 gets hit much more often than rule 3, so let’s move #58 ahead of #3) to improve firewall performance – without impacting the business?

You would end up with a firewall running “like new” and most importantly delay the purchase of expensive hardware upgrades, by as much as a year. This claim isn’t smoke and mirrors, but backed by customers with whom I’ve spoken.

For more detailed information on how to optimize your firewall policy to improve performance, I suggest reviewing our whitepaper on Cleaning Up Firewall Clutter.

Subscribe to Blog

Receive notifications of new posts by email.