Thursday, January 11, 2018

Rule base optimisation - the best way?

Hey Guys,

In your opinion, what is the best way to optimise your firewall rule base? We've recently had a few customer opportunities come in looking for this service. Not necessarily to make the policy more or less permissive by reviewing business applications and their needed traffic flows and tightening the security posture that way, but more the act of removing duplicate or shadowed rules, reviewing contradicting rules and which needs to take precedence, collating/collapsing same source/destination/service rules in to less rules, removing unused rules, and so on. Anything that makes it easier to view and manage. Security posture may be looked at once it's tidied IMO.

Any reliable multi-vendor automation tools that can help out here?

Cheers!



No comments:

Post a Comment