Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
-
Upload
skybox-security -
Category
Technology
-
view
86 -
download
0
description
Transcript of Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
![Page 1: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/1.jpg)
www.hertsdirect.org
Finding and Understanding the Risk
Impact of Firewall Changes
Dave Mansfield, Head of IT Technology
Jaswant Golan, Technical Security Officer
![Page 2: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/2.jpg)
www.hertsdirect.org
Your Speakers
Dave Mansfield – Head of Technology HCC
Head of Technology 3 years
Infrastructure Manager for 5 years
Network and Security Manager for 15 years (Public and Private)
Jaswant Golan – Technical Security Officer HCC
Technical Security Officer 8 years (HCC)
Security Compliance Manager 3 years (Private Sector)
Systems Architect 8 years (Financial Sector)
![Page 3: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/3.jpg)
www.hertsdirect.org
About Hertfordshire County Council
![Page 4: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/4.jpg)
Heading
Sub heading
Body text
Business Challenges
• Large and complex infrastructure with many change requests
• Many outsourced service providers
• Limited management visibility of firewall change impacts
• Resource intensive risk identification process
• Ensure compliance with industry standards
Focus on critical risks
![Page 5: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/5.jpg)
www.hertsdirect.org
Network model to visualize infrastructure
Threats Config data and routing tables
Vulnerabilities Layer 3 Devices
Assets
![Page 6: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/6.jpg)
www.hertsdirect.org
Policy Compliance
• Internal security policy
• UK Public Service Network (PSN)
• PCI and ISO 27001
• Trusted zones trusting semi-trusted zones
Compliance Assessment
![Page 7: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/7.jpg)
www.hertsdirect.org
Automating Change Management Risk Assessment
Technical
Details
Change
Request
Risk
Assessment
Change
Implementation
Reconcile
and Verify
Automate the management
process
• Monitor changes
• Automate risk assessment before change is made
• Identify devices involved
• Deliver access path information immediately
• Handle exceptions
• Reconcile changes
![Page 8: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/8.jpg)
www.hertsdirect.org
Assess Risk Before Implementation
• Reduced manual effort by 60%
• Police firewall changes
• Focused on outcome instead of ACLs and rules
• ‘Think Security’
![Page 9: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/9.jpg)
www.hertsdirect.org
Intelligent use of Independent Pen Tests
Vulnerability Hot Spots Attack Vectors Virtual pen test
Target concentrations of
vulnerabilities to meet SLAs
Target attack vectors against
critical assets
Attack Vectors
Target specific attack vectors
Vendor Security Bulletins
Business Units
Technical Groups
Vulnerability Severity
![Page 10: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/10.jpg)
www.hertsdirect.org
Results • Understand downstream impact and risk of proposed
firewall changes in seconds
• 60% reduction in manual effort for firewall change assessment process
• Complete visibility of security network infrastructure
• Regulatory evidential support
• Understand firewall rules and what they actually do
• Focused on effectively reducing risk
• Able to meet future needs and enable new business services
• Even the firewall blokes are using the tool !
![Page 11: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/11.jpg)
www.hertsdirect.org
thank you
![Page 12: Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes](https://reader033.fdocuments.in/reader033/viewer/2022051818/54b6b3564a7959e71f8b45c1/html5/thumbnails/12.jpg)
www.hertsdirect.org