Information Security Leader, Author, Instructor and Speaker

An Analysis of Firewall Rulebase (mis)Management Practices

Posted on February 1, 2009 in Articles

Firewalls are complex security devices that protect information assets from external attack. Natural aging of their rulebases and administrator error combine to create a high likelihood of policy misconfiguration. These configuration errors can pose significant risks to the security of protected environments, due to both accidental promiscuity and the cognitive difficulties inherent in analyzing large rulebases. We recently conducted an analysis of self-reported data about firewall rulebase management practices in modern organizations, reaching the conclusion that most currently deployed firewalls are poorly managed.

Read the article: An Analysis of Firewall Rulebase (mis)Management Practices

Published in the ISSA Journal, February 2009


Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.
