PaulDotCom mailing list archives
Re: Managed firewalls
From: Russell Eubanks <securityeverafter () gmail com>
Date: Sat, 12 Feb 2011 15:11:23 -0500
Another good thing to do is a bi- annual firewall review, line by line, to make sure the rules are as you intend and reflect your current needs. Also to make sure you are running the most current version of code. Since they are managing the device for you, I consider it fair game to ask for their recommendations after they review your configs every so often. In theory, their collective knowledge will be valuable. All of this will give them the opportunity to re-earn your business by having the prove their value to your business. Russell On Feb 12, 2011, at 12:13 PM, John Strand <strandjs () gmail com> wrote:
I would also recommend that you periodically "test" them. Something as simple as a remote Nessus scan, or a outbound clear text shell. See if they catch it. If they do not, be sure to give them hell. John On Fri, Feb 11, 2011 at 8:31 PM, Jack Daniel <jackadaniel () gmail com> wrote: Like most things, "it depends". As Josh said, if the outsourced vendor does a great job, it can be very good. Big honking "if" there, though. A few questions off the top of my head: What are the SLAs, and how are they enforced? How long does it take to get changes applied? Do you retain ownership of the hardware on premises? Do you "own" the configs, or can they flatten the box when terminated? Do you have audit rights to the systems? What kind of reporting and documentation do they offer? Do they guarantee configurations compliant with your regulatory requirements? What about patching/updating, do they provide a guaranteed update window after patches/fixes are released? Is it all in writing? Jack On Fri, Feb 11, 2011 at 7:12 PM, Matthew Perry <mlperry () gmail com> wrote:All, We have been acquired by another company that is use to outsourcing their management and monitoring of firewalls to another company. I have always been against this especially since they would have the keys for any point to point connections. How does everyone else in the pauldotcom community feel about this and is it a standard practice? -- Matthew Perry _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- ______________________________________ Jack Daniel, Reluctant CISSP http://twitter.com/jack_daniel http://www.linkedin.com/in/jackadaniel http://blog.uncommonsensesecurity.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com -- John Strand Office: (605) 550-0742 Cell: (303) 710-1171 _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Managed firewalls Matthew Perry (Feb 11)
- Re: Managed firewalls Josh More (Feb 11)
- Re: Managed firewalls chris serafin (Feb 12)
- Re: Managed firewalls Jack Daniel (Feb 12)
- Re: Managed firewalls John Strand (Feb 12)
- Re: Managed firewalls Russell Eubanks (Feb 12)
- Re: Managed firewalls Matthew Perry (Feb 15)
- Re: Managed firewalls John Strand (Feb 12)
- Re: Managed firewalls Josh More (Feb 11)