Perimeter 4min de Leitura - 26 de August de 2020

Firewall Server: Getting Better Results

Corredor com servidores

This post is also available in: Português English Español

As more companies, governments and society digitize their businesses, more and more concerns are raised about the security of this information, represented in photos, documents, videos and other media.

For companies in particular, though they still suffer from physical attacks, digital media concerns have grown. Organizations need protection with alarms, surveillance companies, cameras and others, but they also need to leverage their resources to protect everything digital, inside and outside their borders.

Acquiring information security solutions by itself is not synonymous of protection, it is fundamental that the supplier truly knows the market, knowing within a set of services how to make a given product operate in the best way in order to take care of particular needs of the most various types of business.

The solution, whether only in software or in appliance format, with a greater presence in the companies is the firewall server, which has undergone substantial evolutions over the last years and received increments that reinforce the armor necessary for the companies to connect to the internet of secure manner, conducting their business.

In this article we list some reflections and tips on how to get better results for corporate security through firewall serverapplication.

The power of a security policy

An information security policy concentrates guidelines, as well as the understanding and positioning of the company on the subject. This is a primordial document, which every company, regardless of size or segment, should own.

Contrary to what many companies think, information security policy need not necessarily be a complex and difficult to read document. Quite the contrary, the policy has to be as simple and clear as possible, respecting the maturity and complexity of each business. Create a simple document and develop it according to the needs that will surely appear over time.

Security policy is an important step to getting better results when deploying a firewall server, since through it the technical alignment in the solution will be made to guarantee what is described. The lack of policy prevents the achievement or efficiency in audits and even the operational work of IT, after all, which guidelines will the management of the solution be carried out based on?

Survey the essential online services for the company

We know that the speed of the internet is not infinite, and more and more companies have online services to carry out their work. So it is essential to know what these services are to be properly prioritized.

Prioritization of these services is usually done through QoS policies, which ensure that any unrelated concurrent traffic consumes all the internet resources and makes access to the critical service slow or infeasible. If you are interested in more information about QoS, please visit the post QoS post: What is it and what are its benefits.

This is a fundamental and often overlooked step, making critical services use the same priority as any other access, such as a social network, a video on entertainment websites, and other.

Create rules based on the needs of users and industries

Basically rules can be created in a generic way and be applied to all users of a company, respecting sectors and even users. However, these formats do not always meet the need for access from a wide range of user types, even within industries with different functions and access.

Because of this, in defining your security policy, rather than thinking about the companie’s organization chart, create access profiles that reflect the users’ needs, regardless of industry.

This format brings a lot of flexibility from the management point of view. The one who should inform that a certain user belongs to profile A or B should be his director. Very carefully, IT should not define access profiles, its responsibility is to ensure that a user is in such profile, respecting the accesses that have been properly configured.

Avoid creating generic and permissive access policies, even for the board, as this can jeopardize the rest of the policy. When this is not possible, leave them properly isolated from other internal networks, this potentially reduces the risk of contamination within the structure itself.

Track the behavior and adherence of policies created on the firewall server

Another important and often neglected aspect is monitoring the behavior of accesses, and especially compliance with the security policy of the organization.

Any request that involves changes to the firewall server must be validated in accordance with the security guidelines, thus avoiding unnecessary changes and potential future nonconformities.

The audit involving security policy and what is properly on the firewall should be fair, and the fewer teams or people involved in managing these solutions, the better. Someone has to be responsible for compliance.

In addition, it is important to track logs, reports, graphs, and others to make sure the operation is consistent with what has been defined. This is a basic but extremely efficient way to improve firewallutilization, as long as it occurs in cycles.

Customize firewall server according to needs

One of the biggest mistakes for administrators and security professionals is performing deployments with the most resources at one go. This may be interesting but it is important to know well the environment and solution to bring the immediate benefit, otherwise it can become a major headache for all involved.

If the company has little safety maturity, start with the basics and add new features as needs arise. This is an interesting time to adapt the company, which will be less resilient in adopting new resources.

Features such as IPS/IDS, application-based access control, category-based web access management, and other features may seem complex or unnecessary to start-up companies. Because of this, focus on the solution of problems and evolve according to the need and maturity of the company itself.

Do not forget that, for best results, it is important to be clear what problems or improvements to be addressed with the solution and how this will be supported within the company, whether informally by higher levels, or supported by a security policy that safeguard the interests of the company, employees and third parties. In fact, look for the union of these two forces which, with the ideal solution, will bring fantastic results for the whole organization.

Tell us your experiences and, in case of any need, talk to one of our specialists.

This post is also available in: Português English Español