• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Are you getting the most out of your firewall?

February 11, 2016 by Secure360 and UMSA

Getting the most out of your firewalls

Copyright: Pixaby

According to SearchSecurity, A firewall is “a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules.” While many people have heard the term used often, only 4% of Americans say they understand firewalls “completely,” and more than 44% don’t understand firewalls at all or even know if they have one enabled on their PC.

Firewalls have been, and should continue to be, an integral part of multi-layered defenses for both business and personal security alike. Here are a few tips for getting the most out of your firewall systems: 

1. Review your firewall rules

Audit and review firewall rules periodically. Consider this: firewall administrators may start adding rules to accommodate requests from internal users about rules that are preventing access to resource. While you may have started with a clean set of policies for blocking things at the network edge, over time rules become obsolete, redundant and conflicting, allowing in traffic that might have previously been blocked. Review firewall rule sets every six months. Remove the obsolete or expired rules and expired rules, and look at existing rules first before adding new ones to avoid duplicating or conflicting.

 2. Performance test your firewalls

You need to more than just set your firewalls up at default state and assume they will run their course accordingly. Test the performance capabilities of your firewall systems after all rules have been configured. Build a small set of scenarios that will represent your network and usage, and test against an equally small set of configurations of the firewalls. Firewalls do most of their work when handling HTTP and HTTPS traffic, so spend time focusing on that. Determine what the “pass/fail” performance testing indicators will be and stick to it.

3. Implement role-based access

Consider assigning and authorizing access to the network resources based on a user’s role within the organization. Based on role and responsibilities, users can have varying degrees of access within systems, allowing administrators to permit or restrict access to network resources based on that role. Adopt the principal of minimum privilege when providing access to network resources to ensure user’s activity is trackable.

4. Keep your firewalls patched and updated

Keep your systems patched. Patching adds updates and fixes bugs that could cause you problems. Understand vulnerabilities in your systems and ensure you have a process to patch anything necessary or check for new patches regularly.

If you’re going to put systems in place in order to protect your organization’s security, it is important to be educated and up-to-date on these tools.

Filed Under: Business Continuity Management, Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: As much as many of us enjoy it, there are risks to working from home, specifically as we rely more and more on the… https://t.co/S2nuIyWgjk
    about 1 hour ago

  2. Secure360 Conference
    Secure360 Conference: The time to register is NOW, because today is the final day to score early bird rates. #Sec360 is the professional… https://t.co/rsIAkxmmCV
    about 1 day ago

  3. Secure360 Conference
    Secure360 Conference: We can never thank our wonderful #Sec360 sponsors enough! Silver Sponsors @AxoniusInc @BlackBerry @Fortinet and… https://t.co/pnYxfkR135
    about 1 day ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.