Top 10 Reasons the Firewall Guy's Hair is on Fire
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and PCI DSS 1.1 and 1.2 are pretty clear cut, firewall management shouldn't be much of an issue, right? No one is going to suffer the brunt of managing the significant infrastructure change these regulations are bound to bring more than the security operations team, correct?
5.) A user is requesting a change for a new rule, but the firewall guy can't tell if that traffic is already allowed, and has 30 other things to do so he simply adds the new rule with the intention of reviewing it later. Can you guess how the story ends?
4.) Process? Documentation? Authorization? Just how quickly does the CEO need network access?
3.) "You want a rule usage report for firewalls protecting the 50 Web servers in Sacramento? WHAT 50 Web servers in Sacramento?"
2.) "What do you mean the quarterly PCI reports are now MY responsibility?"
1.) It's 3 p.m. and his manager wants to know if all 200 firewalls (with at least 250 rules per firewall) from multiple vendors across six countries are in compliance with seven distinct regulations, two of which are regulations from different countries that contradict each other. And he wants to know by the end of the day.
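The check that item 5 says the firewall guy has no time to do, as an added example that is not part of the original post: given an existing rule base and a proposed rule, report whether an earlier rule already covers it with the same action (redundant), covers it with the opposite action (the proposed rule would never take effect), or whether it is genuinely new. It assumes a first-match rule base and a simplified rule model; the rule set is constructed for illustration.

```python
"""Rule-coverage check for a first-match firewall rule base.

Example code, not from the original post. Assumes a simplified rule
model (source CIDR, destination CIDR, protocol, inclusive port range,
action); the rules below are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    src: str       # CIDR; "0.0.0.0/0" means any source
    dst: str       # CIDR; "0.0.0.0/0" means any destination
    proto: str     # "tcp", "udp" or "any"
    ports: tuple   # inclusive (low, high) destination ports
    action: str    # "accept" or "drop"


def _covers(outer: Rule, inner: Rule) -> bool:
    """True when every packet matched by `inner` is also matched by `outer`."""
    o_src, i_src = ipaddress.ip_network(outer.src), ipaddress.ip_network(inner.src)
    o_dst, i_dst = ipaddress.ip_network(outer.dst), ipaddress.ip_network(inner.dst)
    if o_src.version != i_src.version or o_dst.version != i_dst.version:
        return False  # an IPv4 rule never covers an IPv6 rule or vice versa
    return (i_src.subnet_of(o_src)
            and i_dst.subnet_of(o_dst)
            and outer.proto in ("any", inner.proto)
            and outer.ports[0] <= inner.ports[0]
            and inner.ports[1] <= outer.ports[1])


def check_proposed(rules, proposed):
    """Walk the rule base in match order and classify the proposed rule.

    Returns ("shadowed", i) when rule i already permits/denies exactly what
    the proposal would with the same action, ("contradicted", i) when rule i
    covers it with the opposite action, and ("new", None) when no single
    earlier rule covers it. Partial overlaps (only some of the proposed
    traffic already matched) are not detected by this whole-rule check.
    """
    for i, rule in enumerate(rules):
        if _covers(rule, proposed):
            kind = "shadowed" if rule.action == proposed.action else "contradicted"
            return (kind, i)
    return ("new", None)


# Constructed rule base, in first-match order.
RULES = [
    Rule("10.0.0.0/8", "192.168.10.0/24", "tcp", (443, 443), "accept"),
    Rule("0.0.0.0/0", "192.168.10.0/24", "tcp", (22, 22), "drop"),
    Rule("10.1.0.0/16", "192.168.0.0/16", "tcp", (80, 443), "accept"),
]
```

Running the proposed change through `check_proposed(RULES, ...)` before it is committed turns "I'll review it later" into a one-line answer at request time.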
Operations people are a noble lot. They deal first-hand with never-ending network complexity, and because their triumphs are measured in disasters avoided, they are rarely, if ever, publicly acknowledged.
So, before you deny their request to attend Black Hat/DefCon this summer, re-read this list for a reminder of how much they add to the organization. And then "Any, Any, Any, Accept" the request.