Firewalls are among the most important elements of network security, filtering traffic to allow the free flow of legitimate communications while preventing unauthorized access. However, rising management complexity is actually making firewalls a source of exposure.
To combat increasingly sophisticated threats, today’s firewalls include far more security features than their precursors. With that comes the need for careful configuration, continual monitoring and ongoing updates. In a typical mid-market enterprise with perhaps 100 or more firewalls in place, the management requirements can quickly become overwhelming.
Part of the problem is that firewall interfaces tend to be complex and not very intuitive, which increases the likelihood of mistakes that can have serious consequences. Gartner analysts say up to 99 percent of all firewall breaches are caused by misconfiguration issues rather than any flaws with the technology itself. The Capital One breach last year illustrates the danger. A hacker exploited a misconfigured firewall to steal 106 million customer records in the third-largest recorded breach in U.S. history.
Companies should consider offloading firewall management to an MSP.
Access to the Right Expertise
Considering the essential role firewalls play in network security, most companies should probably consider offloading the management burden to a qualified managed services provider (MSP). Not all MSPs are created equal, however. Only an MSP with specific expertise in firewall configuration and policy development can provide the kind of dedicated monitoring and management required to ensure that your firewalls are always properly patched, updated and audited.
Firewall management is an integral element of GDS’s Advanced Infrastructure Security suite. Our comprehensive approach begins with the implementation of a next-generation firewall that incorporates application-aware packet inspection, access control and intrusion prevention services to better detect and block malicious traffic.
GDS provides all the hardware and software required. Upon installation and configuration, we:
- Handle all administrative tasks
- Add or delete user accounts
- Modify firewall rules and update configurations
- Remotely install patches, bug fixes and software updates as needed
Reduce Rules Sprawl
Rules management is an especially critical part of the service. User-defined rules that establish how firewalls will filter traffic require consistent updating to account for ongoing changes to the network environment. Every time you add users, devices, applications or remote sites to the network, or remove them from it, firewall rules must be modified.
Over time, the rule bases that drive firewall actions can become bloated and inefficient due to expired, obsolete or duplicated policies. In a recent Illiumo survey of IT professionals, nearly two-thirds say they have more than 1,000 rules on each firewall. Larger organizations with multiple firewalls often have hundreds of thousands of rules.
Firewall rules sprawl not only makes management difficult but can also create significant compliance issues. For instance, the PCI-DSS standard requires organizations to review firewall rules at least once every six months, but surveys indicate that few organizations regularly conduct such audits. One study found that most organizations audit their firewalls no more than once a year, and up to 20 percent never audit.
GDS will establish, maintain and modify firewall rules to eliminate outdated rules that create security and compliance gaps. Additionally, our ongoing monitoring delivers much greater insight than most companies typically get with do-it-yourself firewall management or other managed services. Our Network Operations Center reviews and analyzes logs and events and provides regular reports about firewall performance, active users and traffic patterns. Any suspicious trends will generate immediate alerts.
Firewalls are the first line of defense in network security, but many organizations are inadvertently introducing risk through insufficient management practices. Give us a call to discuss your current firewall environment and how we can help you remove complexity and improve your security posture with comprehensive firewall management and monitoring.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology-related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help, simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors, get one easy-to-read bill from GDS.