Top 10 reasons the firewall guy's hair is on fire
- 26 June, 2009 23:58
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and PCI DSS 1.1 and 1.2 are pretty clear cut, firewall management shouldn't be much of an issue, right? No one is going to suffer the brunt of managing the significant infrastructure change these regulations are bound to bring more than the security operations team, correct?
Well, not really.
If your friendly neighborhood firewall guy (or gal) rolls into work late on a Monday morning sleep deprived and grouchy, cut him some slack. Here are some of the most common-yet-nerve-sizzling firewall snafus that have kept many an admin on a Friday-to-Sunday diet of fast food and Red Bull:
10.) The Saturday-at-midnight policy update process didn't go exactly as planned and he spent the rest of the weekend sorting through a bloated rule base to find out exactly what went wrong, and it turned out to be a slight overlap of rule 847 (meaning, 847 rules deep into the rule base) with rule 73.
9.) The network firewall rule base(s) have become so bloated that erroneous, obsolete and overlapping (or "shadowed") rules have likely caused unneeded risk or degraded hardware performance through unnecessary processing and hardware drain. (Yes, rule bloat is a big enough issue that it warrants two of the top-10 spots.)
8.) Monday's firewall changes didn't work when the policies were pushed out on Saturday because someone else's changes offset his and he had no idea who might have been making changes, what the change was, or why they made it.
7.) The last firewall guy had his own way of managing changes that is virtually indecipherable to everyone else, with no reference to the original request or business unit. And before he quit last month he accidentally cut off access to a mission-critical application when making a change.
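The overlap in item 10 and the shadowed rules in item 9 can be found mechanically before a policy push. The sketch below is an added example, not code from the article or from any firewall product; it assumes first-match evaluation, IPv4 rules, and a simplified rule format (the `Rule` fields and the sample rule base are constructed for illustration).

```python
from ipaddress import ip_network
from typing import NamedTuple

class Rule(NamedTuple):
    num: int        # position in the rule base
    action: str     # "allow" or "deny"
    src: str        # source CIDR
    dst: str        # destination CIDR
    proto: str      # "tcp", "udp" or "any"
    ports: range    # destination ports, e.g. range(443, 444)

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet that matches b also matches a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.proto in ("any", b.proto)
            and a.ports.start <= b.ports.start and b.ports.stop <= a.ports.stop)

def overlaps(a: Rule, b: Rule) -> bool:
    """True if at least one packet matches both a and b."""
    return (ip_network(a.src).overlaps(ip_network(b.src))
            and ip_network(a.dst).overlaps(ip_network(b.dst))
            and (a.proto == b.proto or "any" in (a.proto, b.proto))
            and a.ports.start < b.ports.stop and b.ports.start < a.ports.stop)

def audit(rules):
    """Return (rule, earlier_rule, kind) findings under first-match evaluation."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            same = earlier.action == later.action
            if covers(earlier, later):
                # The later rule can never match: dead weight or a silent override.
                findings.append((later.num, earlier.num, "redundant" if same else "shadowed"))
                break
            if overlaps(earlier, later) and not same:
                findings.append((later.num, earlier.num, "partial-conflict"))
    return findings

# Constructed sample rule base (IPv4 only; addresses and rule contents are invented).
RULES = [
    Rule(12, "allow", "10.0.0.0/8", "192.168.10.0/24", "tcp", range(443, 444)),
    Rule(73, "deny", "10.20.0.0/16", "192.168.20.0/24", "any", range(0, 65536)),
    Rule(310, "allow", "10.1.0.0/16", "192.168.10.5/32", "tcp", range(443, 444)),
    Rule(847, "allow", "10.20.30.0/24", "192.168.20.0/23", "tcp", range(1433, 1434)),
]

if __name__ == "__main__":
    for num, by, kind in audit(RULES):
        print(f"rule {num}: {kind} (earlier rule {by})")
```

In the sample, rule 310 is fully covered by rule 12 and can be deleted, while rule 847 only partly collides with the earlier deny in rule 73, the kind of slight overlap that is hard to spot by eye in a large rule base.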