It doesn’t matter how much security technology you have or how much you spend on it: You can spend $10 million on network security from any vendor, but you will fail to effectively secure your enterprise if you don’t properly manage the policies enforced by those firewalls.
In other words, outcomes are achieved by doing all the little things right. Sounds simple, but it isn’t.
If you only have a few firewalls with policies consisting of tens of rules, it may be simple. But imagine an enterprise that has 2,000 firewalls, each with a policy averaging 500 rules and each rule averaging 15 objects, each source and destination representing an average of 50 IP addresses.
Such an enterprise is managing 2,000 firewalls, 1 million rules, and 125 million connections representing over 300 billion access paths.
Just one wrong rule could expose the network to compromise.
FireMon CEO Jody Brazil recently joined Business Security Weekly hosts Matt Alderman, executive director at CyberRisk Alliance, Jason Albuquerque, COO of Envision Technologies, and Tyler Robinson, director of offensive security and research at Trimarc Security, to discuss these challenges and how security teams can manage all the complexities involved.
“Flossing your teeth is not fun, but have to do it to maintain healthy teeth, and it’s simple to do,” Brazil said. “It’s the same with updating security technology daily. That works for a smaller company but not for one operating at enterprise scale.”
In this scenario, simple does not scale. So, what to do if you’re a large enterprise?
“At enterprise scale, at a minimum it’s going to take processes, and we highly recommend you automate them, because doing it manually is not going to work,” Brazil said. “This is where technology has to come in, whether in cloud environments [or elsewhere] where there are several options, like cloud security posture management and policy evaluation.”
FireMon outlines the benefits of automation on its website:
- Reduction of human error by preventing mistakes that increase your attack surface
- Removal of the friction between DevOps and SecOps, deliver security at speed
- Increase security agility while lowering SLAs
- Increase operational efficiency while reducing operational and security costs
- Stop the revolving door of compliance violations by checking compliance proactively prior to implementation