I just returned from 3 very busy days at Cisco Live 2013 in London. We met people from companies around Europe, Middle East and Russia and had over 80 meetings with folks who have very specific challenges which need attention. Almost without exception, everyone we spoke to is experiencing the same issues:
- Their growing firewall rule set
- The ever-increasing ACL in their Cisco routers and switches
- Pressure from their organization to deliver flexible security, that meets compliance, regulations and internal policies without causing significant delay to daily business operations.
This can seem like an almost impossible challenge.
If you are trying to manage these challenges every day, you probably agree that working in a mixed firewall vendor environment, combined with large and complex ACL's maintained in CLI are tasks that give you very little time to reflect on the rules you create and have created.
While some firewall vendors offer tools to ease the burden of administration, none of them deliver tools that can handle and work across multiple vendors. The majority of the people we had meetings with at the show are responsible for a business network that combines both multiple firewalls and multiple network vendors.
If you were at Cisco Live, you will know that it is a large event which covers a lot of technologies. These days there is a lot of media coverage concerning Cloud Computing, SDN, video and data center virtualization. With all the focus on these areas, it seems that the people administrating the firewalls and the network are sometimes forgotten.
It may be that firewall, routing and switch administration does not have the same "buzz" as other areas in the IT industry, yet it is still a fact that a mishandled network device can cause down time, network breaches or even worse, loss of money and productivity.
After Cisco Live, I was asked to provide some feedback and observations from the event. I will spare you from reading about the event itself and instead I'll share the challenges we heard and the solutions we can help with:
- How to document firewall rules in real time
- How to report, document and analyze mixed vendor firewall and network equipment
- How to compare and document firewall rule set against previous rule sets
- How to map firewall rules with applications, owners and ticket ID's.
- How to do configuration audits on Cisco IOS devices
- How to incorporate company IT polices into Change Automation
- How to automate risk analysis
- How to map the network
- How to document redundant and unused firewall policies and objects
- How to minimize the gap between the application owners and network operations
- How to minimize time of delivery in firewall change requests
- How to automate and implement change requests into firewalls
- How to handle PCI-DSS and other regulatory challenges
- How to proactively handle audits
So if you are reading this and facing some of the above challenges, contact me for a chat to see how we can ease your burden, without compromising your security. Reach out to me on Twitter and LinkedIn