Firewall Wizards mailing list archives
Re: What challenges are security admins facing?
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 27 May 2003 10:53:04 -0400 (EDT)
On Mon, 26 May 2003, Paul Ammann wrote:
Hi I've working on the firewall security audit at my company, and I've been getting exposure to many different areas that I normally wouldn't. I work with the Check Point firewalls. I'm curious as to what people challenges security admin are facing.
All of what you mention below are most likely going to be found to be fairly common areas for many who will respond:
I'm talking things you might not normally take into consideration. For example, lack of communication or documentation, inaccurrate network drawings of firewall locations,
Ahh, documentation, the bain of most every IT person. It's important to document and to maintain, but, sometimes the more pertient facts never get put into a container for retrieval, often the area<s> to store documentation get to unweildly, in terms of document never getting date stamped in a proper fashion to determine what is current and what is dated out of reality, to downright crappy naming conventions such that finding the facts sought becomes a major chore itself. Every IT dept needs to have a primary and backup person whose job it is to maintain departmental documentation, they get tasked with harrassing others to produce their share, and with keeping the archives of documentation current, and readable and traversable. Of course in these time especially, with IT being sorely over tasked and understaffed, this area is left unfilled, even though it is perhaps as important as the daily/weekly/monthly backups...
no formal change control procedure, tracking temporary firewall rules, limiting access to firewall policies and log information, or my favorite, no procedure for when an employee has left the company or change job functions.
I have yet to see anything that works well for documenting and maintaining this kind of information cept those sites that have put in a "remedy<TM>" or like, tracking system and delved into the roots of the package to pushed it beyond it's default trouble ticketing system functions to do some of the things it can do, if scripted/programed beyond the basics. What was nice and sweets about those few sites tnat put rememdy and their fav similar tools to the task was it was likemaking an appointment in the corp PIM, you create the event, or mark the change made, and set the review time and remedy prods you about and need for action or review when that time slots pops into focus. If your company has such tools and such resources and priorities and 'requirements' for information storage and the tracking of temp changes and tinely review of those settings, getting those tasked to do, into the habit of properly using then can be the major chore... Of course, I happen to believe that stunguns <electronic larts> are a valuable human resource/employee management tool Thanks, Ron DuFresne
Best regards, Paul _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- What challenges are security admins facing? Paul Ammann (May 27)
- Re: What challenges are security admins facing? Paul Robertson (May 27)
- Re: What challenges are security admins facing? R. DuFresne (May 27)
- Re: What challenges are security admins facing? ark (May 28)
- Re: What challenges are security admins facing? Paul Robertson (May 28)
- Re: What challenges are security admins facing? ark (May 28)
- Re: What challenges are security admins facing? Paul Robertson (May 27)
- RE: What challenges are security admins facing? Ben Nagy (May 27)
- Re: What challenges are security admins facing? R. DuFresne (May 27)
- <Possible follow-ups>
- Fw: What challenges are security admins facing? Paul Ammann (May 29)
- Re: Fw: What challenges are security admins facing? R. DuFresne (May 29)