[AusNOG] Centralised firewall policy management - recommendations?
Eric Pinkerton
Eric.Pinkerton at stratsec.net
Tue Aug 14 09:24:55 EST 2012
Depends upon how you define 'Management'...and upon what you already have in place...
I would say that there is no 'typical solution', companies in my experience have numerous firewalls, in numerous sites from numerous vendors, and the management solution is more often dictated by the firewall vendor in each case, so where you have Checkpoint, smart console etc and you have central management but if you have Juniper or Cisco, central management might be something that only gets added as an afterthought...
Gartner did a compelling piece a while back opposing the traditional approach of using different vendors in line, so if you were setting up a green field operation today then you might be more inclined to stick mostly with a single vendor.
In most cases you will end up with some different vendors, so your choice of solution will be dictated by this and your budget. In reality this is likely to be a combination of products including whatever you already have in place, or whatever your people are comfortable with, Open Source Monitoring (Such as Cacti) Rancid for Config Backups etc, Anything from Splunk or Arcsite to SyslogNG for log correlation, Vendor specific tools (CP Smart Centre, Juniper NSM, FortiAnalyser, Cisco NCM/WORKS, WatchGuard WSM, PA Panorama etc etc etc) and if you have any money left, you will want to look very seriously at Algosec, Firemon or Tufin etc...
E
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Paul Gear
Sent: Monday, 13 August 2012 9:08 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Centralised firewall policy management - recommendations?
On 10/08/12 15:39, Paul Gear wrote:
Hi everyone,
After my last question about configuration management best practices, i hope i'm on more well-trodden ground asking this one...
--
Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.http://www.mailguard.com.au/mg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120814/e9940608/attachment.html>
More information about the AusNOG
mailing list