Firewall Rule Management Challenges
Nearly every organization above a certain size grows its internet links, opens additional locations and purchases or is acquired by other organizations. The result is tens to hundreds of firewalls spread across multiple sites, vendors and models. Firewall rule management becomes difficult at best. Every firewall rule is proposed by someone for a good reason, making pruning firewall rules difficult without the original context used to create them.
Mitigating Firewall Rule Management Challenges
LookingGlass ScoutVision dramatically reduces the operational challenge of both rule pruning and creation, by providing comprehensive historical threat context including Indicators of Compromise such as destination port and user agent. Any IP address or domain component of a URL appearing in a firewall rule may be entered into ScoutVision to retrieve its history. With history and other important context elements, removing stale rules is risk-free, along with good documentation of the reason behind new rules.