March 28, 2024
Firewalls are complex security devices that protect information assets from external attack. Natural aging of their rulebases and administrator error combine to create a high likelihood of policy misconfiguration. These configuration errors can pose significant risks to the security of protected environments, due to both accidental promiscuity and the cognitive difficulties inherent in analyzing large rulebases. We recently conducted an analysis of self-reported data about firewall rulebase management practices in modern organizations, reaching the conclusion that most currently deployed firewalls are poorly managed.
Read the article: An Analysis of Firewall Rulebase (mis)Management Practices
Published in the ISSA Journal, February 2009
Leave a Reply