firewall rule recertification - an application-centric approach


Upload: algosec

Post on 22-Jan-2018


TAKING AN APPLICATION-CENTRIC APPROACH TO FIREWALL RULE RECERTIFICATION

WHY NOT TAKE THE SAME APPROACH FOR YOUR FIREWALL RULES?

AGENDA

Traditional approach to managing / removing unnecessary Firewall rules

A more advanced recertification process

Why Firewall Rules Become Redundant

An application-centric approach to firewall rule recertification

How AlgoSec can automate the recertification process

WHY FIREWALL RULES BECOME REDUNDANT

An application is decommissioned

An application is upgraded and uses different services/ports

An endpoint is moved to a different datacenter


TRADITIONAL METHODOLOGY

REVIEW the firewall logs and determine when the rule was last used

READ the comments to see who requested the rule and which application it serves

VALIDATE that the application is in use with the relevant contact

REMOVE the rule or extend the expiration date
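The four steps above, sketched as an added example that is not part of the original deck and is not AlgoSec's code. It goes one step further by grouping rules per application, so that one validation answer covers every rule of that application. The rule tuples, the `app=...; requester=...` comment convention, the 90-day idle threshold and the 180-day extension are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample rule base: (id, comment, last hit from logs, expiry).
# The "app=...; requester=..." comment convention is an assumption.
RULES = [
    (101, "app=payroll; requester=alice", date(2018, 1, 10), date(2018, 6, 30)),
    (102, "app=payroll; requester=alice", date(2017, 8, 1), date(2018, 6, 30)),
    (103, "app=legacy-crm; requester=bob", None, date(2017, 12, 31)),
    (104, "temp rule", date(2017, 5, 1), date(2018, 3, 1)),
]
COMMENT_RE = re.compile(r"app=([\w-]+);\s*requester=([\w.@-]+)")

def review(last_hit, expires, today, idle_days):
    """REVIEW: reasons a rule is due for recertification."""
    reasons = []
    if last_hit is None:
        reasons.append("never used")
    elif (today - last_hit).days > idle_days:
        reasons.append("idle")
    if expires <= today:
        reasons.append("expired")
    return reasons

def worklist(rules, today, idle_days=90):
    """READ: group due rules by the application named in the comment."""
    apps = defaultdict(lambda: {"contacts": set(), "rules": {}})
    for rule_id, comment, last_hit, expires in rules:
        reasons = review(last_hit, expires, today, idle_days)
        if not reasons:
            continue
        m = COMMENT_RE.search(comment or "")
        entry = apps[m.group(1) if m else "UNKNOWN"]
        if m:
            entry["contacts"].add(m.group(2))
        entry["rules"][rule_id] = reasons
    return dict(apps)

def decide(work, app_in_use, today, extend_days=180):
    """VALIDATE, then REMOVE or extend: one answer per application."""
    actions = {}
    for app, entry in work.items():
        # No answer or unparsed comment: escalate, never remove automatically.
        verdict = {True: "extend", False: "remove"}.get(app_in_use.get(app), "escalate")
        until = today + timedelta(days=extend_days) if verdict == "extend" else None
        for rule_id in entry["rules"]:
            actions[rule_id] = (verdict, until)
    return actions
```

Rules whose comment names no application land under `UNKNOWN` and are escalated rather than removed, since removing a rule that is still needed can cause an application outage.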

FIREWALL RULE BASE

A MORE ADVANCED RECERTIFICATION PROCESS

Recertify or remove obsolete rules

Notify change requesters

Find related firewall rule requests

Review pending rules / rule requests that need to be recertified

AN APPLICATION-CENTRIC APPROACH TO

VALIDATE that the application is in use with the relevant contact

REMOVE the rule or extend the expiration date

SETTING THE FOUNDATION FOR APPLICATION RECERTIFICATION

SUMMARY

AlgoSec security policy automation and tools can simplify firewall rule recertification, reduce the risk and save time

Firewall rule recertification is a necessary evil

Firewall rule recertification is a manual, complex, and error-prone process. Mistakes are common, and they can cause application outages

An application-centric approach to firewall rule recertification can save time in the rule recertification process

MORE RESOURCES

THANK YOU FOR YOUR TIME

Asher Benbenisty, Director of Product [email protected]