Firewall Rule Recertification - An Application-Centric Approach

As part of your organization’s security policy management best practices, firewall rules need to be reviewed and recertified regularly to ensure security, compliance and optimal firewall performance. Firewall rules which are out of date, unused or unnecessary should be removed, as firewall bloat creates gaps in your security posture, causes compliance violations, and impacts firewall performance. In the past, firewall rule recertification was often performed manually; an error-prone and time-consuming process. The new application-centric approach to firewall recertification offers an efficient, effective and automated method of recertifying firewall rules.

In the past, the only way to recertify a rule was to manually review the comments field of each firewall rule. At a minimum, the comment should include the name of the original rule requester and the rule’s purpose. Due to the manual nature of the process, it is prone to errors and difficult to maintain.

In this lesson, Prof. Wool examines some tips for including firewall rule recertification as part of your change management process, including questions you should be asking and be able to answer as well as guidance on how to effectively recertify firewall rules.

AlgoSec Firewall Analyzer delivers visibility and analysis of complex network security policies across on-premise, cloud, and hybrid networks. It automates and simplifies security operations including troubleshooting, auditing, and risk analysis. Using Firewall Analyzer, security and operations teams can optimize the configuration of firewalls, routers, web proxies, and related network infrastructure to ensure security and compliance. With the AlgoSec AppViz add-on, all business applications are discovered, identified, and mapped, providing critical security information regarding the firewalls and firewall rules supporting each connectivity flow.