According to SearchSecurity, A firewall is “a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules.” While many people have heard the term used often, only 4% of Americans say they understand firewalls “completely,” and more than 44% don’t understand firewalls at all or even know if they have one enabled on their PC.
Firewalls have been, and should continue to be, an integral part of multi-layered defenses for both business and personal security alike. Here are a few tips for getting the most out of your firewall systems:
1. Review your firewall rules
Audit and review firewall rules periodically. Consider this: firewall administrators may start adding rules to accommodate requests from internal users about rules that are preventing access to resource. While you may have started with a clean set of policies for blocking things at the network edge, over time rules become obsolete, redundant and conflicting, allowing in traffic that might have previously been blocked. Review firewall rule sets every six months. Remove the obsolete or expired rules and expired rules, and look at existing rules first before adding new ones to avoid duplicating or conflicting.
2. Performance test your firewalls
You need to more than just set your firewalls up at default state and assume they will run their course accordingly. Test the performance capabilities of your firewall systems after all rules have been configured. Build a small set of scenarios that will represent your network and usage, and test against an equally small set of configurations of the firewalls. Firewalls do most of their work when handling HTTP and HTTPS traffic, so spend time focusing on that. Determine what the “pass/fail” performance testing indicators will be and stick to it.
3. Implement role-based access
Consider assigning and authorizing access to the network resources based on a user’s role within the organization. Based on role and responsibilities, users can have varying degrees of access within systems, allowing administrators to permit or restrict access to network resources based on that role. Adopt the principal of minimum privilege when providing access to network resources to ensure user’s activity is trackable.
4. Keep your firewalls patched and updated
Keep your systems patched. Patching adds updates and fixes bugs that could cause you problems. Understand vulnerabilities in your systems and ensure you have a process to patch anything necessary or check for new patches regularly.
If you’re going to put systems in place in order to protect your organization’s security, it is important to be educated and up-to-date on these tools.