The rules and operating settings of firewall devices should be reviewed periodically. Otherwise, your business will have difficulty obtaining valid and up-to-date information on traffic and on access to network resources.
This is what defines the efficient performance of your network.
Firewall devices are designed to manage traffic, control access permissions and restrict application use. Rules are created to define the criteria for accepting or denying such traffic. In theory, one should only allow access to what is needed.
However, most times, the number of rules created exceeds what is strictly necessary. For example, many errors occur as a result of new requests for more permissions within the organization. These requests need to be evaluated against existing rules to avoid redundancy and even competition between rules, which ultimately leads to errors.
Another frequent problem is enabling privileges without proper management. For example, a user requests permission to work with an application, but ceases to use it over time. Or users have access to applications or information that they are not entitled to use.
Inadequate management of corporate firewalls leads to the following consequences:
- Ineffective access management, enabling undue privileges;
- Limited visibility on the activities of network users;
- Excessive complexity;
- Loss of resource performance and consequent loss of productivity;
- Increased costs associated with security management.
In all cases, the way to resolve this type of problem is to understand the priorities of all the teams within the company, so that the creation or maintenance of rules is in line with real needs. This way, it is possible to define which risks are acceptable or to find alternative solutions for specific requests.
From there, it will be possible to map the set of rules to identify errors and solve them; and also to identify obsolete rules and accesses. This will reduce the complexity of the policy.
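The rule mapping described above can be automated. The following Python sketch is an added example, not taken from any firewall product: it flags redundant rules, competing rules and rules with no traffic. It assumes top-down, first-match evaluation, IPv4 CIDR addresses and a per-rule hit counter exported from the device; the `Rule` fields and the sample rule set are constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Optional

@dataclass
class Rule:                      # hypothetical export format (assumption)
    name: str
    src: str                     # source CIDR
    dst: str                     # destination CIDR
    port: Optional[int]          # None = any port
    action: str                  # "allow" or "deny"
    hits: int                    # matches counted over the review period

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matched by b is also matched by a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and (a.port is None or a.port == b.port))

def audit(rules: list[Rule]) -> list[tuple[str, str, str]]:
    """Return (finding, rule, cause) tuples for a first-match rule list."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                # An earlier rule always wins, so the later one never fires.
                kind = "redundant" if earlier.action == later.action else "conflict"
                findings.append((kind, later.name, earlier.name))
                break
        else:
            if later.hits == 0:  # reachable, but nobody uses it any more
                findings.append(("unused", later.name, "no hits in review period"))
    return findings

# Constructed sample rule set, in evaluation order.
SAMPLE = [
    Rule("allow-web",        "10.0.0.0/8",  "192.168.10.0/24", 443,  "allow", 9120),
    Rule("allow-web-hr",     "10.1.2.0/24", "192.168.10.0/24", 443,  "allow", 0),
    Rule("deny-web-guest",   "10.9.0.0/16", "192.168.10.5/32", 443,  "deny",  0),
    Rule("allow-legacy-ftp", "10.3.0.0/16", "192.168.20.7/32", 21,   "allow", 0),
    Rule("deny-all",         "0.0.0.0/0",   "0.0.0.0/0",       None, "deny",  48211),
]

if __name__ == "__main__":
    for kind, rule, cause in audit(SAMPLE):
        print(f"{kind:9} {rule:17} <- {cause}")
```

A "conflict" finding deserves the closest review: the later rule expresses an intent (here, denying guest access to one server) that the earlier, broader rule silently overrides.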