Following up on guest blogger Matthew Pascucci's article yesterday on change control horror stories, beyond using sound judgement there two key high level things you can do to prevent these types of situations.
- Have a solid process defined, communicated and enforced across all stakeholders involved in the change process (end-users, network operations and information security personnel).
- Leverage firewall policy management technology that can help you automate the change process and include firewall analysis, such as what devices are impacted and risk assessment, to ensure that it is followed by all the stakeholders and also ensure that the changes are quickly and accurately processed or denied for valid reasons.
While Matt's stories were more security-focused "horror stories" around change control, manual firewall change management can be quite painful from an operations perspective as well as from a risk perspective. We've created the below video to give you a taste of AlgoSec FireFlow, which helps organizations automate firewall change management. In this 3 minute video we show you FireFlow's out-of-the-box and highly customizable workflows and demonstrate the "Initial Planning" capability, which automatically identifies the firewalls impacted by the change request and also identifies unnecessary change requests. Enjoy!