Earlier this week we announced the findings from a survey we conducted this past April at InfoSecurity Europe. Each year we ask how many separate network security consoles participants manage, and for the past two years the answers have been almost identical: 44% of respondents manage 6 or more consoles - with 32% of that 44% managing 10 or more. Since everyone that participated in the survey was directly involved with firewall operations, and most work for mid-to-large sized organizations, it is highly likely that several of these consoles are firewall consoles.
The majority of our customers manage firewalls from multiple vendors. Managing rule bases for multiple firewalls is complicated enough, especially when the average firewall rule base consists of hundreds and sometimes thousands of rules. Managing rules for tens to hundreds of firewalls from multiple vendors adds additional complexity and room for error when done manually. For organizations that fit that profile, the ROI for a firewall operations and compliance solution can be dramatic.
Think about it: let's say you are for the most part a Check Point shop but you inherited some Juniper Networks and Fortinet firewalls via acquisition or technology transition. Your company is subject to PCI DSS, which means you are required to do periodical firewall audits.
Preparing for those audits can be a daunting task in itself - and that doesn't take into consideration the operations piece:
- How can you manage firewall risk within each firewall and across the entire, multi-vendor estate?
- How can you manage rule changes?
- How can you make sure that policies are normalized and optimized so that you are not taxing the firewall unnecessarily or implementing inefficient changes?
- How can you ensure that a change won't introduce a security breach or compliance violation?
- How can you normalize the performance of several firewall admins each with different knowledge and experience levels?
- How can you automate compliance checks for regulatory compliance standards or internal policies?
Implementing a firewall operations solution will dramatically ease the pain of managing multiple firewalls- instead, you can centralize firewall management so that you have a single, a top down view into the security and compliance posture of your entire firewall estate.
Once you have that in place you can start applying some of the benefits of automation - especially when it comes to daily operations - plotting changes and checking those changes proactively against security and compliance requirements; normalizing policies across the entire organization making sure all changes are properly documented, and there is a complete audit trail for each change.
How do you think this would benefit your organization?
For more on how firewall management can benefit your organization, check out our resources page for a wide variety of customer success stories, white papers, videos, webinars and more.