Today's firewall technologies are getting more complex and harder to configure and administer. Technologies, such as virtual private networks (VPNs) and wireless networking, make maintaining this perimeter more difficult.
For this reason, the firewall technologies might operate in an unexpected way that could cause unplanned network downtimes and ultimately a system crash. To get the firewalls to work at an optimum, you need to integrate a firewall management policy into your system.
When implementing the firewall management policy, the ultimate goal is to quickly bolster security, support a larger IT policy as well as provide detailed guidance for the people managing the firewalls. To achieve this, financial services firm should do the following steps.
- the network. The analysis should include the capacity, expandability, scalability and management of firewalls and perimeters.
- Review your firewall management policies to ensure they are keeping pace with new threats (e.g., via firewalls logs) and does not conflict with established security and business policies. Review firewall configurations in response to changes to compliance regulations.
- Review your compliance policies to ensure the compliance regulations have been met and the data required for compliance has not been blocked by the firewalls and the storage of data has been retained for a specified period of time. Review your backup policies and test periodically the restoration of backup media. Run backup tapes at off-production times to ensure they are in good condition.
- Conduct a pilot study on integrating firewall management policy into a sample portion of the enterprise. This will help the integrators solve any potential problems before integrating the firewalls on a large scale, as well as determine what education and training the systems administrators will need to solve unusual anomalies. Without proper training and education, the firewalls can be difficult to configure and administrator.
- As part of the study, test stateful multi-level (SML) firewalls to see if they deploy the best features of the other three firewall types: network, circuit and application levels. They filter packets at the network level and they recognize and process application-level data. They don't employ proxies, but they deliver reasonably good performance in spite of the deep packet analysis.
- Test firewall monitoring for real-time alerting and consider using an add-on product to combat emerging threats. Periodically test new technologies against the firewall to determine that the system is performing as designed. Review firewall logs.
Implementing the firewall management policy can be a challenge for a financial services firm. Proper implementation techniques can make the job easier.
About the author:
Judith M. Myerson is a systems architect and engineer. Her areas of interest include middleware technologies, enterprise-wide system, database technologies, application development, network management, computer security, information assurance, financial, RFID technologies and project management.
This was first published in September 2008