Access "Automated configuration management tools clean out redundant rules"
This article is part of the October 2007 issue of Tips from the 2007 Security 7 Awards
The problem is almost as old as the firewall: Keep your business safe without impeding operations; keep dangerous traffic out while making sure legitimate traffic moves freely and quickly. That's not always easy, especially in large, distributed enterprises. Over time, hundreds of firewalls, often from multiple vendors, spawn thousands of rules, many redundant or obsolete. Performance degrades and the network may be at risk without your knowledge. Change management becomes a formidable challenge in this environment--testing the impact of new rules, making sure an apparently redundant rule is really redundant and an obsolete rule is never actually used. "The process was manual, intensive and prone to error," says Dave Witherspoon, director of technical security and forensic services at Canadian-based Scotia Bank. "We lacked confidence cleaning up old rules, in case someone was still using them." It doesn't have to be that way. Automated firewall configuration management tools from companies including AlgoSec, Secure Passage and Tufin Technologies allow ... Access >>>
Premium Content for Free.
Achieving Access Control with Symark PowerBroker 5.0
In this product review, discover everything you need to know about Symark PowerBroker 5.0, such as policy control, logging and reporting capabilities, configuration and management.
Guardium SQL Guard 6.0 product review
Guardium SQL Guard 6.0 is evaluated on its ability to monitor access to SQL databases. SQL Guard ensures a system of checks and balances between the security and database engineering teams.
Knoppix-NSM removes complexity of Snort-based network security monitoring
by Russ McRee, Contributor
Open source Knoppix-NSM is a complete network security monitoring system on a single CD.
Device Management: Pointsec Protector software review
Pointsec Protector manages unsecured ports and endpoint devices while transparently delivering encryption, filtering content, enforcing policies and maintaining an audit trail, even when mobile devices are disconnected from the network.
BeyondTrust Privilege Manager 3.0 product review
BeyondTrust's Privilege Manager 3.0 addresses elevated user privileges through a Group Policy extension that allows organizations to control permissions for selected processes and applications.
- Achieving Access Control with Symark PowerBroker 5.0
SonicWALL TZ 180W firewall product review
SonicWALL TZ 180W is an effective firewall for small- and medium-size businesses with a subset of features that will appeal to network managers.
Proofpoint On Demand Product Review
In this product review, learn about Proofpoint On Demand antivirus and antispam features.
Security 7 Award winners successfully integrate security and business
The 2007 Information Security magazine Security 7 Award winners demonstrate how their strategies for integrating their security programs into the overall business.
Log management reins in security and network device data
Learn how to manage log data from security and network devices in order to manage security events in real time.
Automated configuration management tools clean out redundant rules
Change management becomes a tough challenge when implementing numerous firewalls.
- SonicWALL TZ 180W firewall product review
Learn to balancing security and usability
Security measures such as constant password changes, are becoming intrusive, and the return is questionable.
Interview: CISO explains enterprise's access control policies
Access control and authentication isn't as simple as setting up user IDs and passwords.
Vendor compliance management: Are health care software vendors HIPAA compliant?
Software used in health care is rife with vulnerabilities. It's time vendors shape up.
- Viewpoint: Hard drive encryption growing
Redefining free security software
Popular open source security products such as Nessus, Snort and Clam AV are being commercialized, redefining the notion of free software.
- Learn to balancing security and usability
More Premium Content Accessible For Free
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...
The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...