A few weeks back, we asked the community of security professionals to submit their best advice for managing complex network security policies. We were pleasantly surprised with the quality and quantity of responses we have received and compiled the best ones in an eBook titled "The Big Collection of Firewall Management Tips".
We did not provide any guidance for submitting the tips, so it was interesting to see how responses varied greatly. We did eventually categorize responses into four different categories that I believe create a good foundation for effective security management.
- Policy Definition – make sure put ample thought in defining your policy (both at the abstract level, and when implementing it across different technologies such as firewalls, web proxies etc.). All too often, organizations tactically slap on another rule, which is fertile ground for bad security and bad network operations.
- Processes – ensure you have the right processes to manage security, communicate them effectively, and have the right tools to enforce them.
- Architecture – a good architected network can simplify policy management and enforcement. For example, similar areas of your network can reuse the same rulesets.
- Just for Laughs – security is no laughing matter, but enjoying the ride and maintaining a cheerful attitude never hurt anyone.
Enjoy the eBook.