
Back to Basics

By Calum MacLeod
Director of Sales, Benelux
Tufin Technologies

The last few months have been a cold shower for most of us as we’ve suddenly woken up to the reality that life as we know it can be so uncertain. Information Technology, like every other part of an organization, is today faced with the challenge of delivering more for less. Ambitious new projects are now nice to have, not essential. Gone are the days when your success was measured by how much over budget you went on a project, or when you got noticed by focusing on projects that demanded lots of resources but ultimately ended up requiring an army of contract staff to keep them running.

Today we’re getting back to basics, which can be summed up in the three Rs – Reduce, Rationalize, Return. Everyone in 2009 is reducing: reducing staff, reducing investment, and trying to trim operational costs. At the same time, risk control and business continuity have taken on more urgency.

With companies trying to reduce costs, rationalization has become extremely important. Over the past five years many companies have added a myriad of systems to their IT infrastructure. The financial sector is the classic scenario where the turmoil of the past twelve months has resulted in organizations having to absorb other organizations with the resulting diversification of systems and processes.

Infrastructures need to be integrated, often with disparate technologies and vendors. This in turn has led to huge problems for many auditors and security officers in trying to ensure that risk is contained and that business continuity is not impacted. This is particularly an issue when you are dealing with firewalls from multiple vendors. Security change management and security lifecycle management become a major area of concern, and the only way to manage this effectively is to invest in security management tools that provide a unified interface for multiple vendors.

Finally, ROI is very important. Investments that are made today must be able to demonstrate a measurable return on investment. Adding technology for the sake of technology, or starting expansive projects with no measurable return other than succeeding in process automation, is simply out of the question. Investments that are made need to focus on improved performance, extending the lifespan of existing technology, and providing a measurable improvement in the area of risk management and business continuity. Security change implementation cycles that normally took days now need to be measured in hours.

One of the key areas that many organizations are now addressing is firewall and router management. For example, in a medium-sized organization with 50 to 100 firewalls, it can be estimated that the cost to the organization of not having Firewall Policy Management in place can be up to half a million dollars annually. These costs result from change requests not being implemented correctly, due to operations not fully understanding the business users’ requests or implementing changes incorrectly. The result is significant time wastage and, frequently, network and service downtime, often to critical applications. In addition, there is a knock-on effect in terms of business exposure. Managed Service Providers and Telcos are especially vulnerable to this since very often they have punitive Service Level Agreements with their clients. So, for example, a firewall or router change that results in loss of service to a user needs firstly to be avoided if at all possible, and secondly to be rectified as quickly as possible to avoid financial and business exposure. It’s hard enough to find new clients nowadays, so losing clients due to misconfigurations is absolutely unacceptable.

Another area where companies very often “burn money” is in replacing existing equipment due to the demand to maintain performance levels. Firewalls and routers are particularly susceptible to this since performance is directly impacted by the number of rules configured. Without effective configuration management, a number of things usually occur. Firstly, rules are frequently duplicated (fully shadowed) or partially duplicated (partially shadowed) simply because there is no mechanism in place to do rule usage analysis and policy analysis.

By eliminating the process of manual analysis, an organization not only makes major savings in operational costs but, more importantly, improves the operating efficiency of its firewall and router environment and reduces operational errors. It is often the case that a thorough analysis of a rule base will find that up to 50% of rules are overlapping and, in many cases, never used. By cleaning up the rule base, the organization not only benefits from improved performance but, just as important in today’s climate, can defer additional investment in more powerful or additional systems, which only exacerbate the situation.
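The shadowing and rule-usage analysis described above can be automated along these lines. This is an added example, not code from the article or from any vendor's product; it assumes first-match rule evaluation, uses a constructed rule base with hypothetical field names and hit counters, and compares each rule only against single earlier rules, not unions of them.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # source CIDR
    dst: str      # destination CIDR
    proto: str    # "tcp", "udp" or "any"
    ports: tuple  # inclusive (low, high) destination ports
    hits: int     # hit counter (constructed values below)

def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.proto in ("any", b.proto)
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def overlaps(a, b):
    """True if at least one packet matches both rules."""
    return (ip_network(a.src).overlaps(ip_network(b.src))
            and ip_network(a.dst).overlaps(ip_network(b.dst))
            and ("any" in (a.proto, b.proto) or a.proto == b.proto)
            and a.ports[0] <= b.ports[1] and b.ports[0] <= a.ports[1])

def analyze(rules):
    """Return {rule name: [findings]} for an ordered, first-match rule base."""
    report = {}
    for i, rule in enumerate(rules):
        findings = []
        full = next((e for e in rules[:i] if covers(e, rule)), None)
        if full:  # an earlier rule already matches all of this rule's traffic
            findings.append(f"fully shadowed by {full.name}")
        else:     # earlier rules take only part of this rule's traffic
            findings += [f"partially shadowed by {e.name}"
                         for e in rules[:i] if overlaps(e, rule)]
        if rule.hits == 0:
            findings.append("unused")
        if findings:
            report[rule.name] = findings
    return report

# Constructed rule base, in evaluation order (sample data, not from a real device)
RULES = [
    Rule("r1", "10.0.0.0/8", "192.168.10.0/24", "tcp", (443, 443), 91234),
    Rule("r2", "10.1.0.0/16", "192.168.10.5/32", "tcp", (443, 443), 0),
    Rule("r3", "10.1.0.0/16", "192.168.10.0/24", "tcp", (80, 443), 512),
    Rule("r4", "172.16.0.0/12", "192.168.20.0/24", "udp", (53, 53), 0),
]
```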

The situation is analogous to your average hard disk, where probably 50% of the data stored is never used and is often years out of date. Most of us will buy a new hard disk rather than simply delete data that is never used. Taking the time to clean up your rule bases removes the need for costly upgrades in both the short and longer term.

Utilizing Firewall Policy Management, or FPM as Gartner calls it, will realize major cost savings in areas such as Policy Analysis, Rule Usage Analysis, Rule Cleanup and Optimization. It will provide improved business continuity and add years to the life of your existing infrastructure. And while you’re at it, give your firewalls and routers the full treatment.

The bottom line: if you want to keep your job, demonstrate that you’re bringing ROI to your employer!

Calum MacLeod is a Regional Manager for Tufin Technologies. With more than 30 years of expertise in secure networking technologies, Calum brings deep domain expertise and a wealth of long-standing business relationships to Tufin.

Prior to joining Tufin, Calum worked at Cyber-Ark Software as Director of Business Development, where he was responsible for developing their business in Privileged Identity Management in Western Europe and Africa. Prior to Cyber-Ark, he worked with several companies on the development and launch of new technologies such as SSL VPN and PKI.

MacLeod has also served as an independent consultant to corporate and government clients on IT security strategy for various European market segments, including the European Commission.
