I recently saw the results of a survey published by Athena Security entitled “The Corporate Firewall-Playing With Fire” that stated that up to 95% of corporate firewalls may be vulnerable due to the difficulty of auditing them manually. It goes on to state that firewall audits require a review of the configuration rules that that determine the firewall’s behavior in context of the network.
Firewall management can be complicated by a number of factors: network complexity, multi-vendor heterogeneous environments, managing and maintaining the rule base, and understanding the impact of changes before the changes are made. The reality, however, is that there’s really no reason that firewall auditing and configuration management has to be that difficult if one uses the appropriate automated tools. Specifically, a combination of an automated firewall analytics and a network change and configuration management (NCCM) tool can greatly simplify this process.
Firewall analytics tools will allow you to understand all components of the firewall configuration and provide assistance around profiling, search, rule/object cleanup, security audits, change impact, and historical tracking. Configuration management tools will greatly simplify the firewall configuration process by providing change management, real-time alerts, policy violation detection and reporting, config backups, config comparisons, and activity tracking in a unified interface.
By incorporating these two tools, you can more effectively manage firewall configurations and the changes that are made to these firewall configurations.
SolarWinds has partnered with Athena to provide integration between SolarWinds Network Configuration Manager and Athena’s FirePAC firewall analytics tool. To learn more about this integration, you can download this whitepaper: Firewall Management with SolarWinds Network Configuration Manager & Athena FirePAC.