Last updated September 18th, 2024 by Erez Tadmor
You’ve done it: your organization is ready to build (or reconstruct, or replace) its firewalls! We know selecting the right solutions was a decision you did not take lightly, and you’ll want to best set up the new firewall(s) – and your organization’s security posture – for success.
In this blog, we’ll put you in the director’s chair of how to take a look at firewall implementation strategies and best practices, providing you a checklist to make your own organization’s firewall deployment a smooth and satisfying one.
Act 1: Planning Stage
Before making a critical change to your internal network, you’ve got to get a feel for the network blueprint itself. What does your existing network security infrastructure look like?
- Identify elements of your network infrastructure
- Key Assets
- Sensitive Data
- Potential Vulnerabilities
Act 2: Design/Network Review Stage
All right, we’ve got the network figured out, but now it’s time we understand how to properly connect to it. You’ll need to define your list of connections and access controls.
- Specify your network’s servers and services that connect to them
- Build a repository of all your applications and routers
- Understand their requirements from the network
- Document communication paths associated with the servers – relevant ports and possible sources and destinations
Tools exist to simplify these steps, thankfully, and we’ll talk about them in a bit more detail at the end of this blog, too.
Act 3: Initial Firewall Configuration Stage
Network blueprint and connectivity steps: check. Now it’s time to look at the configuration. We’ll want to understand the following elements and endpoints of your new firewall (and old one, if adjustments are being made), so be sure to establish (or review any existing):
- Firewall policies
- NAT rules
- VPN and/or VLAN settings
- IP addresses
- Affiliated authentication, validation, and/or SSL processes of the above
For the firewall migrators, this is a big deal, as you want to make sure any previous policies are carried over from an old firewall.
What’s the Big Deal with Initial Settings, Security Policies, and Rulesets?
As we’ve oft discussed on this website, an organization’s firewall policy sets the framework for inbound/outbound traffic management, administrative rights/access, potential threats to block, and how to adhere to regulatory and organizational compliance standards.
As for the compliance piece. It’s not just a “piece,” it’s the backbone for keeping your firewall security operations up-to-date, in line with regulations (e.g. PCI DSS and HIPAA), and your security team sane.
Act 4: Testing 1, 2, 3.
With an established plan in place, along with the proper technology and policies to drive operations, it’s time to test your firewall out before putting it on the big stage. In order to verify everything is functioning properly – and, you guessed it, securely – in terms of managing network traffic and repelling threats, you’ll want these items taken care of:
- Ensure firewall rules above are properly configured/programmed
- Set up VPN connections
- Establish testing timeline and schedule (aka Test! And then schedule the next test round/cadence)
Act 5: Cut(ting Over)!
Ready to go? Don’t forget a proper plan for the cutover. We’re not saying *something* will go wrong, but it is always best to be prepared. A contingency plan or rollback plan helps mitigate any potential pain should any part of the launch process not go to plan.
Additionally, just to make sure all bases are being covered, you’ll want to confirm your Incident Response (IR) and disaster recovery (DR) plans. To recap each, an IR plan helps establish the way in which an incident response team detects, contains, and manages cybersecurity incidents (e.g., phishing and/or ransomware attacks). It also can help identify what went wrong so any issues can be prevented in the future. The DR plan is intended to restore IT settings and operations as quickly as possible after a cyberattack or other technical outage/issue, with the intent of minimizing downtime, PR/reputation damage, and/or legal issues. It also helps in terms of preparing for any future problems as it serves as a means for documenting existing processes/procedures.
- Have a rollback (contingency) plan ready, just in case
- Have – and confirm – the company IR and DR plan(s)
Showtime!
It is time. Your firewall is ready to launch. All that’s left is making sure it stays in strong – high availability, anyone? – working order. Make sure you’re properly managing what’s happening, and making room in calendars for routine evaluations. Success is never final, so a culture of “constant improvement” in firewall management is important, so be sure to keep a proper record of where your firewall can continue to be optimized.
- Schedule routine evaluations (not to be confused with testing) and audits*
- Maintain optimizations “wish list” or “punch list”
*Yep, we’ve got an audit checklist too.
Lights, Camera, Tufin
This checklist may feel daunting, but it doesn’t have to be, especially when tools like the Tufin Orchestration Suite exist. Imagine being director, producer, run crew, cameraperson, etc. all at once and in one place with a centralized management interface that simplifies tasks like reviewing firewall logs, optimizing rules, and staying ahead of emerging cybersecurity threats. Ready for a close-up? Book a live demo with our firewall deployment experts today.
Don't miss out on more Tufin blogs
Subscribe to our weekly blog digest