Reduce firewall complexity - Trends
Communications News, Jan, 2003 by Nathan Muller
The need for network security will only become more urgent over time. Not only are cybercriminals constantly inventing new ways to steal electronic information, they are getting more nefarious in their use of it.
An effective solution for many businesses is the firewall, which monitors and regulates traffic flow between public and private network environments to thwart attacks and prevent the entry of hostile code.
Although operating a firewall may be simple, its initial configuration and fine-tuning are complex and require vendor help, and ongoing administration is the responsibility of the buyer. Modifying the attack-detection parameters of a firewall to deal with new threats, for example, takes the knowledge and experience of a certified security engineer, whereas changing a firewall rule set might require a certified security administrator. Since attacks can originate from anywhere around the globe at any time, effective firewall operation requires 24x7 vigilance by expert staff.
Acquiring any level of management expertise is the biggest hidden cost of firewall ownership. An effective and economical alternative, however, is a carrier-managed firewall solution that allows firms to implement best-of-breed security solutions at a fixed monthly cost.
With a managed service, the carrier or Internet service provider will perform a vulnerability analysis, starting with a port scan of the customer's network resources. After submitting the network to a battery of tests, the managed firewall service provider will present the customer with recommendations for fixing problems that have been identified.
The service provider designs a firewall rule set in collaboration with the customer, and there is usually a grace period to allow for minor changes to the rule set at no charge. This period is provided to allow for real-world testing and minor adjustments of the new firewall rule set.
As new threats become known, the managed firewall service provider will take the appropriate course of action, which might entail adding a rule to the rule set or changing an existing port configuration on the firewall to thwart persistent access attempts. The changes usually are implemented remotely over an encrypted Internet connection.
The managed firewall service provider will generate performance reports that can be accessed by the customer on a secure website using a browser that supports 128-bit key encryption. The customer can view high-level charts and graphs that summarize the quality of network and application resources.
The service provider should be able to meet a range of security needs. A low-end firewall solution that protects corporate information stored on a telecommuter's PC, for example, might consist of firewall software loaded and configured in a DSL router. For companies with an installed base of Cisco routers, the provider may offer a combined firewall-router service that entails configuring the operating system's security features. If separate devices provide firewall and router functionality, both devices can be monitored by the service provider.
As part of the service, periodic reports focus on hot spots or anomalies in the firewall. Such reports include a performance analysis and recommendations for modifications to the firewall that will improve throughput and close potential breach points.
The managed firewall service provider holds quarterly performance reviews with the customer. The focus of such discussions typically will be on the performance of the service provider over the previous 90 days and include a review of the customer's performance reports on the Web, the effectiveness of any rule changes and other service-affecting occurrences over that time period.
The service provider also should maintain contact with various network security watch groups to stay abreast of the latest security problems reported by the user community and the remedies proposed by the vendor community.
For more information from Xspedius Management: www.rsleads.com/301cn-259
RELATED ARTICLE: Blues for Bluetooth.
Thinking of trying Bluetooth wireless technology in the office? Caution might be appropriate, according to the latest word from research firm Gartner, which says security flaws and interoperability problems will make Bluetooth-enabled devices inadequate for use without additional spending. Gartner predicts that more than 560 million such devices will be purchased by 2005 and that users will need to spend an additional $5.6 billion annually for the support and usage costs associated with "loose" Bluetooth specifications and processes. More than 80% of those devices will be incapable of peer-to-peer networking interoperability, Gartner says, while poor security specifications enhance the potential for data corruption and theft.
Muller is senior technical consultant at Xspedius Management, an integrated communications provider in Herndon, VA.
COPYRIGHT 2003 Nelson Publishing
COPYRIGHT 2003 Gale Group
