Security Management Strategies for the CIOFirewalls are the cornerstone of every enterprise’s network security strategy, offering protection from a variety of common and emerging threats seeking to penetrate enterprise networks.
This firewall security best practices
Requires Free Membership to View
guide, which is a compilation of resources from SearchSecurity.com on
firewall
network security, offers helpful resources for network security novices as well as veteran
security analysts and managers. It explains how firewalls work, offers
firewall deployment best practices, details how to troubleshoot, test and configure firewalls, and
more.
Firewall
network security: Thwarting sophisticated attacks
In this expert response from Mike Chapple, gain a better understating of the importance of a
firewall to an enterprise’s security strategy, and learn how a firewall boosts network security by
protecting a network from sophisticated attacks, as well as the technology’s limitations.
Firewall
network security: How to plan a secure network with defense-in-depth
A defense-in-depth
security strategy is composed of a variety of defensive mechanisms that work in such a way that
if one of them fails, another one will provide redundancy, ensuring an enterprise is never left
open to attack.
Here, network security expert Anand Sastry explains how enterprise how a defense-in-depth strategy built on firewalls and other critical network infrastructure can augment enterprise network security, and reviews a practical defense-in-depth deployment scenario that uses existing technologies, including firewalls, to form a comprehensive and effective enterprise network security architecture.
More information on firewall security best practices
This introduction to firewalls defines the network security technology explaining each type and what they protect to keep enterprise data secure, from UTM to proxys.
As IPv6 gets rolled out on enterprise WANs, so will IPv6 firewalls, and IT should be aware of IPv6 security loopholes to adequately protect their corporate WANs.
Firewall
security best practices: Deployment scenarios for new types of security threats
In most enterprise firewall deployment scenarios, firewalls act as a first line of defense,
limiting access to a select group of online services to protect the enterprise from common
Internet-based threats.
In this article, security expert Anand Sastry discusses alterative firewall deployments, and firewall deployment best practices every enterprise should be aware of in order to guard against new and emerging security threats.
Firewall
security logging: Telling valid traffic from network 'allows' threats
Comprehensive firewall logging -- tracking traffic that was denied as well as traffic from the
network and traffic that was allowed -- can provide critical information to help identify network
security threats.
In this article, Anand Sastry explains comprehensive firewall logging and discusses how firewall logging, of “allow” events in particular, can assist enterprise security pros in detecting and preventing successful network security attacks.
Continuous
monitoring strategy for government security managers
Government security managers working with a compliance-based security model are constantly playing
catch-up, scrambling to comply with the latest security mandates or standards handed down from
above, making a move from a compliance-based security model to an continuous security model an
option worth considering.
Here, contributor Richard Walker offers insights and advice for government security managers on the
benefits of continuous
monitoring, as well as how to successfully implement a continuous monitoring strategy.
How
to properly implement firewall egress filtering
Deploying firewall egress filtering, while easy to do, can unintentionally break certain
applications and services by denying outbound traffic to the Internet, an aftereffect that causes
many enterprises to skip the process altogether for fear of disrupting mission-critical network
traffic.
In this article, contributor Scott Floyd explains the proper way to implement firewall egress filtering and block outbound network traffic, including how to use the log analysis tool Splunk to monitor firewall configurations.
How
to test a firewall: A three-step guide for testing firewalls
When weighing enterprise firewall purchasing options, security pros should never take the
vendors word for it; test it yourself.
According to security expert Joel Dubin, there are three essential steps when testing firewalls in the enterprise. Here, he outlines those steps and explains how to test a firewall, covering subjective evaluation, efficacy of threat mitigation and performance testing.
UTM
devices: Efficient security or a firewall failure risk?
A unified
threat management (UTM) device provides network protection beyond a simple firewall by offering
more advanced capabilities, including intrusion detection and prevention capabilities, content
filtering, virtual private
networking (VPN), antivirus/antimalware, data loss prevention (DLP) and vulnerability
management.
Enterprise compliance expert Mike Chapple discusses the capabilities of UTM appliances, as well as which type of defense is best for large and small businesses.
Next-generation
firewalls: Marketing hype or real value?
Do next-generation firewalls really deliver advanced security capabilities when compared to
traditional firewalls, or is it all just marketing hype?
Application security expert Michael Cobb examines the next-generation firewall, outlining the features and capabilities of the technology, and comparing them to more traditional firewall options on the market today.
Next-gen
firewall vs. UTM device: Which is better for Web 2.0 risks?
Next-generation firewalls and UTM devices have similar functionality and security capabilities, but
when it comes to protection against Web 2.0 threats, which is the better option?
In this expert response, Mike Chapple discusses the capabilities of both UTM and next-gen firewall devices, and offers advice on which is the best option for enterprise Web 2.0 security threat protection.
Security/virtualization
concerns: Where to place a firewall connection
In this expert question-and-answer segment, Anand Sastry discusses virtualization
security concerns, enterprise signature-based blocking best practices, and unveils where the
best place is for an enterprise to locate a firewall connection or blocking technology.
How
to implement virtual firewalls in a complex network infrastructure
Implementing virtual firewalls and virtual firewall classification can be beneficial in a
complex network infrastructure, allowing enterprises to maximize security spending by consolidating
multiple firewalls into one platform.
Here, Mike Chapple explains how to manage virtual firewalls in multiple security contexts, as well as virtual firewall configuration and purchasing best practices.
This was first published in July 2012
Join the conversationComment
Share
Comments
Results
Contribute to the conversation