Firewall Wizards mailing list archives
Re: firewall rule lifecycle management
From: Skip Carter <skip () taygeta com>
Date: Tue, 30 Aug 2005 12:03:37 -0700
Question: What do those of you in large environments do to manage your rulesets in terms of removing access that is no longer required? We get lots of requests to add access, but are almost never told when something can be removed. This is a large corporation with lots of subcontractors, B2B, etc., and we're looking for ideas on how others get a handle on this (or does anybody?).
We once provided an external firewall audit and in reviewing the special access rules such as those described above, we noticed that one remote location had special access to Victoria's Secret (the client was NOT any sort of retailer)! It turned out that the IP address once belonged to a genuine business partner, who later gave up the address, which ultimately ended up in the possession of Victoria's Secret.

They now use a formal written change control procedure to help manage this problem. We will see how well that works next audit.

Perhaps periodic external review is the best way.

Skip

--
Dr. Everett (Skip) Carter
Phone: 831-641-0645
FAX: 831-641-0647
Taygeta Network Security Services
email: skip () taygeta net
1340 Munras Ave., Suite 314
WWW: http://www.taygeta.net/
Monterey, CA. 93940

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards