Managing Network Firewalls: Taming the Beast

Posted on August 2, 2012

Network firewalls are one of the mainstay security controls that organizations around the world rely upon to protect their networks against attack. These sentinels stand guard at the network perimeter and screen the packets entering and leaving our organizations for violations of carefully crafted security policies. Unlike a human sentinel, however, network firewalls can’t exercise their own judgment. They can act only upon a set of rules, written by humans, that instructs the firewall how to react in any given set of circumstances.

The rules our firewalls rely upon are quite complex and, as with any complex system, they are vulnerable to human error and require periodic maintenance. Failure to detect errors or maintain firewall rulebases can, in the best case, degrade firewall performance or, in the worst case, create significant security vulnerabilities that allow unintended access to sensitive information. In addition to managing firewall rules, administrators should pay careful attention to firewall logs and consider the use of advanced firewall technologies. In this story, we take a look at a few best practices you can follow to keep your network firewalls under control.

