Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, June 20, 2008

Firewall Vendors Look to Automate Policy Changes

For IT staff in global enterprises, adding a new employee is far more involved than finding a desk and a chair for the new hire. Typically, it means huddling over spreadsheets, muttering to themselves as they figure out what changes to make to access rights and policies while taking into account a labyrinthine array of legal, departmental and compliance rules.Multiply that scene by thousands of users, spread over different countries, and you have the massive, frequently chaotic process that takes place practically every week in major companies.In response, firewall vendors are looking to help IT fight back using policy management automation solutions, designed to simplify the task of managing policies—and minimizing the risk of human error.

AlgoSec this week unveiled FireFlow, which automates policy change management and integrates with existing processes—such as the e-mail and Web-based forms typically used by department heads to request adding or removing a user’s access.  News of AlgoSec’s new release, which is due to ship next quarter, comes a few weeks after rival Tufin Technologies announced version 4.2 of its flagship SecureTrack product.

“It’s not uncommon for folks to have 40,000 to 50,000 rules across hundreds of firewalls in today’s large environments, and having a dedicated application to manage them is gold,” Lindstrom said.  When coupled with a sprawling, international staff, this process of tracking user rights and privileges often proves even more taxing.  For instance, global enterprises with offices in different countries often have to implement different rules to achieve the same results.  “Some of our clients who are large financial institutions find that they have to apply different policies in different countries, because the laws are different,” Shaul Efraim, vice president of marketing at Tufin, told

Posted on 06/20