Moving Beyond Firewall Configuration Management

The PlatenReport describes the ultimate network management suite in this blog post.

"For over 20 years, the firewall has been the cornerstone of TCP/IP (Internet) security. In fact, the firewall has crossed-over from the geek to the chic as it has appeared or starred in print, television, and movies. While the battle between hackers and security vendors rages on, firewalls have become more sophisticated and complicated to operate and manage. Further adding to the complexity is the increasing trend to build firewalls into routers, switches, unified chassis, and more.

Over the past few years, companies like Tufin, AlgoSec, SecurePassage, Skybox Security, and more have created products that analyze firewalls configurations, rules, and policies to alert security personnel to possible issues. They have the ability to manage multiple firewall vendors as well as analyzing configurations from multiple firewalls deployed within an organization. These products are essential to managing and maintaining an ever complex and changing security posture that requires automation to augment and compliment human interaction. However, to completely understand an organizations security posture we must move beyond the firewall.

While firewalls are complex, they represent only a fraction of the total number of network devices within an organization. Security personal routinely issue changes to routers, switches, IDS/IDP, and more that impact the entire network infrastructure. Adding to the complexity are new devices and technology, such as WAN acceleration and virtualization, which are becoming mainstream. These changes are important to maintain security and regulatory compliance within an organization."

Read the full blog post here.

I felt compelled to comment on this post.

"Platen,

I love your approach, a paradise for network admins. Full control, no surprises and everything integrated into a beautiful GUI: Security, risk, compliance and business continuity.

There are two known approaches to achieve this kind of goal: a monster solution that does everything and a mix and match of good tools in different areas (best of breed).

Personally, I believe in the second approach but this depends on the ability of solutions to work with each other.

Security and security management vendors will only open APIs for interoperability if the market demands it.

So my advice is to the users – rather than asking your vendors to do more, tell them to work together.

Reuven"