A clean firewall is a healthy one
The fact that a Managed Firewall needs to be 'clean' in the first place may sound odd, but it is of great importance and often overlooked. Contrary to what some may think, a firewall isn't a device or software package that you simply install and let look after itself without the need for any type of maintenance. Besides necessary virus updates, your firewall also requires regular improvements to meet the needs of your growing organisation.
Firewalls work with rules comprised of several criteria which monitor incoming and outgoing traffic (what kind of traffic it is, where it comes from and its destination). The firewall will then pass, block or inspect this traffic, depending on the rules set.
New firewall rules are set after installing new applications or when opening new company branches. But what happens when the application is no longer in use? Or when a company branch is shut down? Often, the firewall is forgotten about, which causes the company firewall to be cluttered with rules that are no longer needed.
There are three categories of cluttering rules:
- Unused rules: These rules are no longer needed in the Firewall.
- Overlapping rules: Firewall rules are generally followed from the top down. The Firewall will employ a rule if there is a ‘match’ with the passing traffic. An overlap will occur when a different rule triggers the same 'match' which results in that rule being used less often. ·
- Shadow rules: Shadow rules are never used because traffic is being intercepted in superjacent rules.
By merging and consolidating rules where possible, you will optimize your firewall.
A firewall with a cluttered ruleset, including unused, overlapping and shadow rules, will almost certainly underperform. This often leads to companies choosing to completely replace the firewall - when in fact it could be completely unnecessary. By cleaning up your firewall you can significantly improve its performance and avoid unnecessary expenses.
Firewall clean-up service
Nomios offers a service to document, clean and optimize the existing rules in your firewall.
During this clean-up service, Nomios will complete an inventory and compare the present firewalls and their rules via tooling. This results in a network map of your entire organisation that details what network traffic is running through which firewall. This is valuable information as you’ll want to be aware if, for example, Firewall A is blocking traffic that Firewall B is letting through.
Nomios will also monitor all rules that are not being used. These unused rules will be assessed and deleted upon the client’s permission.
Tips to improve your firewall management
It is essential to document your firewall ruling. Different factors (such as time or staff turnover) can cause a loss of knowledge of existing firewall rules. Documentation can be guaranteed by making a connection with a change ticket. Temporary rules require revisions as well. When requesting a temporary rule, the end date has to be noted. Before reaching this date, the applicant is notified of the soon-to-be-expired rule and is presented with two options: deleting or adapting the end date. This prevents temporary rules to clutter the network and firewall
Are you curious about how Nomios can help to clean up your firewall? Get in touch with us and we would be happy to inform you of how Nomios can help your network to run more smoothly and efficiently by using our firewall services.