Firewall Rule Recertification - An Application-Centric Approach

As part of your organization’s security policy management best practices, firewall rules need to be reviewed and recertified regularly to ensure security, compliance and optimal firewall performance. Firewall rules that are out of date, unused or unnecessary should be removed, as firewall bloat creates gaps in your security posture, causes compliance violations, and impacts firewall performance. In the past, firewall rule recertification was often performed manually; an error-prone and time-consuming process. The new application-centric approach to firewall recertification offers an efficient, effective and automated method of recertifying firewall rules.

In the past, the only way to recertify a rule was to manually review the comments field of each firewall rule. At a minimum, the comment should include the name of the original rule requester and the rule’s purpose. Due to the manual nature of the process, it is prone to errors and difficult to maintain.

In this lesson, Prof. Wool examines some tips for including firewall rule recertification as part of your change management process, including questions you should be asking and be able to answer as well as guidance on how to effectively recertify firewall rules.

Discover, identify, and map business applications and security policies – anywhere. With the industry’s only app-centric perspective, you can now gain full visibility into the security policies and the business applications that run your business - across your entire hybrid network. AlgoSec Firewall Analyzer enables you to stay on top of your security posture with continuous analysis and detection of risk and compliance gaps, allowing you to adapt quickly before an attack happens.