Firewall Management Practices: Top Practices

Firewalls that protect enterprise networks play a crucial role on the front line of defence. The people who administer these firewalls have a lot of responsibility in seeing that only the right kind of traffic gets through when it should, and all the bad stuff gets blocked.

The Top Practices of Firewalls

•  Keep the enterprise security policy manager or compliance manager in the loop on firewall changes.

In most midsize or large enterprises there is a security manager, risk manager or compliance manager role. This person is usually not a hands-on operational worker. Rather, he or she oversees setting the organisation’s overall policies and is responsible, more or less, for making sure that these policies are followed throughout the organisation and they should have an insight into what the firewall administrators are doing.

•  Clean up unused rules.

It’s not uncommon for a firewall to have hundreds or even thousands of rules, many of which are outdated and no longer serve the purpose for a business requirement. Unused rules sometimes harbour the potential for malicious attacks.

•  Eliminate conflicting rules.

Many firewalls already have such a complex rule base that oftentimes an administrator doesn’t know if he or she is implementing a new rule that conflicts with an existing one. This situation could cause the new rule to be completely dysfunctional because the device – acting on the principle of “first match” – executes the first rule it encounters that meets the criteria of the traffic.

•  Follow a consistent workflow for requesting and implementing firewall changes.

Firewall rules often are not properly documented. Without good documentation, it can be hard to tell who requested a rule or who owns it from a business perspective.

To find out more about our security services, including our managed firewall services, contact us today at support@techtron.co.za or visit our website: www.techtron.co.za.