5 Strategies to Improve Firewall Management: How to Automate Operations, Simplify Compliance Audits and Reduce Risk

• Introduction to AlgoSec

• A Look at Today’s Complex Network

• Strategies to Improve Firewall Management

• Next Steps

• Q&A

Agenda

2

Meet our Panelists

3

Kevin Beaver, CISSP Information Security Consultant

& Author

Principle Logic, LLC

Nimmy Reichenberg VP of Marketing & Business

Development

AlgoSec

• The Leader in Network Security Policy Management

• Award Winning Security Management Suite

• 800+ customers in 45 countries.

13 of the Fortune 50

• Fast growing - 95% growth in 2011

• Technology Partners include Check Point, Cisco, Juniper, Fortinet, Palo

Alto Networks, Blue Coat, HP, CA

• “Obsession” for Customer Satisfaction

AlgoSec Introduction

4

• Information Security Consultant

• www.principlelogic.com

• Author

• Some of my books include:

About Kevin Beaver

5

6

• Lack of audits

• Mostly manual

• No processes

• Minimal oversight

Issues I See in My Work

7

Implement

policies/plans

Enforce

with

technology

Know what

you’ve got Know how

it’s at risk

Refine and

repeat

Next-Gen Firewalls

Virtualized Data Centers

All network firewalls

eventually

Network Complexity is Increasing

8

10

Strategy #1:

Assess the risk of

the firewall policy

12

What exactly can

the bad guys see?

Logic and Reasoning

General

lack of

accountability

Strategy #2:

Maintain optimized

firewall rulesets

Logic and Reasoning

Strategy #3:

Manage firewall

changes

One mishap is

worth

hundreds of

thousands of

dollars…

19

Sustainable &

Repeatable Process

Control

Visibility

Automation

20

ROI for Automating Firewall Change Management

21

Annual Savings - $700K

3-Year Savings - $2.1M

Strategy #4:

Keep up with the

rules and regulations

Implement

policies/plans

Enforce

with

technology

Know how

it’s at risk

Refine and

repeat

HIPAA/HITECH

GLBA

SOX

PCI DSS

State breach notification laws

International laws

How is your business impacted?

23

24 24

We’re compliant,

therefore we’re

secure

25

Strategy #5:

Prove where

things stand

Technical issues

Operational Issues

The BIG Oversight

27

Your auditor

will be there

waiting…

28

29

Know your compliance status…

immediately and at all times!

29

Summary

Implement

policies/plans

Enforce

with

technology

Know what

you’ve got

Know how

it’s at risk

Refine and

repeat

The Magic Formula

31

Automation is Key

32

My website: principlelogic.com/resources

My blog/videos: securityonwheels.com/blog

My audio programs: securityonwheels.com

My books:

Let’s Connect: @kevinbeaver

www.linkedin.com/in/kevinbeaver

Kevin’s Information

33

34

• Firewall Management: 5 Challenges Every Company

Must Address http://pages.algosec.com/five_common_challenges.htm

• Trends in Firewall Configuration – Measuring the

holes in Swiss cheese (Research by Prof. Wool) http://arxiv.org/abs/0911.1240

• Firewall Management ROI Calculator http://www.algosec.com/resources/roi_calculator/

• Evaluate the AlgoSec Security Management Suite AlgoSec.com/eval

Next Steps and Q&A

35

Security Management. Made Smarter.

www.AlgoSec.com

Connect with AlgoSec on: