FIREWALL - All Articles - CISO Platform2024-03-28T13:20:04Zhttps://www.cisoplatform.com/profiles/blogs/feed/tag/FIREWALLCommon Mistakes To Avoid While Configuring Your Firewallhttps://www.cisoplatform.com/profiles/blogs/common-mistakes-to-avoid-while-configuring-your-firewall2014-03-03T10:00:00.000Z2014-03-03T10:00:00.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p><span class="font-size-4">Top Steps During Implementation Of A Firewall Project</span></p>
<ul>
<li>Clearly defined requirements such as type of firewall, architecture, performance requirements, compliance requirements, sizing, reporting, and minimum specifications are important for identifying a suitable solution</li>
</ul>
<ul>
<li>Once the right products are shortlisted, a proof of concept or environment simulation will help finalize the product that best fits the specific needs</li>
</ul>
<ul>
<li>Final preparation such as firewall architecture design, hardening, its placement, dependencies on other network and security equipment and policy rules are essential before starting with its implementation</li>
</ul>
<p><span class="font-size-4">Top Implementation Mistakes Or Learning While Implementing A Firewall Project</span></p>
<ul>
<li>Improper capacity planning and incorrect zoning affect overall performance and quality of service</li>
<li>In-depth testing prior to purchase of such solutions would eliminate surprises at the time of implementation</li>
<li>Proper configuration of policy rules, audit and monitoring parameters helps get the best out of such devices</li>
<li>A handover process and detailed knowledge transfer to the operations team are important for proficient sustenance</li>
</ul>
<p></p>
<p><span class="font-size-4">Top Challenges Faced During Implementation</span></p>
<ul>
<li> Error in policy rules, policy rule conflicts or order of policies may make some systems or applications inaccessible</li>
<li> Improper design of zoning and configuration may expose critical vulnerabilities</li>
<li> Incorporating support for various applications needing dynamic ports</li>
</ul>
<p></p>
<p><span class="font-size-4">Top Parameters Based On Which Success Of A Project Should Be Measured (specifically related to the above Domain)</span></p>
<ul>
<li> Below are the top parameters based on which the success of a project should be measured</li>
<li> Firewall rule set works as per requirements</li>
<li>Seamless & secure access to applications and compatibility across intra zones</li>
<li>Performance during peak and normal usage</li>
<li>Logging & data management as per organization compliance requirements</li>
<li>Vulnerability assessment and penetration testing giving positive results</li>
<li>Besides firewall policies, configuration of the right security alerts, incident handling, change management, firewall logs and auditing processes are also key parameters for the success of such implementations</li>
</ul>
<p></p>
<p><em>-Samir Dani , Dy. General Manager-IT at Suzlon Energy Ltd tells us about Top Steps and Learning in Firewall Projects</em></p>
</div>Checklist For Selecting Firewall Vendorhttps://www.cisoplatform.com/profiles/blogs/checklist-for-selecting-firewall-vendor2014-03-10T13:00:00.000Z2014-03-10T13:00:00.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p><span class="font-size-4">How should a CISO define the requirement for solutions related to the Firewall domain?</span></p>
<ul>
<li>To ascertain the total throughput required. The requirement should be finalized keeping in view the current traffic as well as the expected increase in volumes over at least the next 3-5 years.</li>
<li> To ascertain what is the throughput required for individual interface.</li>
<li> How many interfaces are required in the firewall.</li>
<li> Do we require additional modules (IPS, anti spoofing etc). If yes then what are those.</li>
<li> Any technological constraint or specific requirement</li>
</ul>
<p></p>
<p><span class="font-size-4">What are the key parameters based on which CISO would choose a vendor for the same?</span></p>
<ul>
<li>Vendor should have prior experience in supply, installation and maintenance of information security devices. The projects should have been of comparable size. The number of successful deployments should be considered.</li>
<li>Vendor should be authorized partners of the OEM of the equipment to be supplied.</li>
<li>Previous record of supply and maintenance/ business dealings should be unblemished and of having successfully supplied and deployed information security equipment</li>
<li>Should have qualified staff on roles for support for supplied equipment. These staff should hold the certifications on the product from the OEM.</li>
<li>Licensing and free requirements are crystallized on various factors like throughputs, components, applications, sites etc.</li>
</ul>
<p></p>
<p></p>
<p><span class="font-size-4">Top Questions to ask vendor for evaluating the offering/Vendor Evaluation Checklist</span></p>
<ul>
<li>Proposed solution should not be nearing end of life / end of sale / end of support currently. Residual life to be at least 5 years</li>
<li>Life road map of system should ensure that the solution is covered under support for period of at least 5 years from date of purchase / installation by OEM</li>
<li>What is the support structure of vendor and how will the support be provided (on-site, off-site, remote, session logs and audit)</li>
<li>How will the updates / patches be made available (online and regular updates are preferable / fixed frequency)</li>
<li>What is the SLA (with specific reference to Uptime Assurance, Turn Around Time)</li>
<li>What is the level of engagement with OEM for the supply (It should be supply and support)</li>
<li>Responsibilities of the OEM towards the purchaser (for supply, installation and maintenance)</li>
<li>What if the front ending of the existing vendor ends abruptly, whether OEM provides an alternative and of what quality/ assurance.</li>
</ul>
<p></p>
<p><span class="font-size-4">Top mistakes to avoid while selecting a vendor?</span></p>
<ul>
<li>Solution should not be nearing its end of life / end of support</li>
<li>There should be no ambiguity regarding the terms and conditions of services</li>
<li>Tenure of engagement of services of the vendor should be amply clear and accepted in writing by both the parties</li>
<li>Verification of the documents submitted by vendors should be done from original source or alternate source before selection</li>
<li>Price discovery should be done wherever possible.</li>
</ul>
<p><em>-Sunil Soni, CISO, Asstt. General Manager, Punjab National Bank tells CISO Platform about Selecting Firewall Vendors</em></p>
<p></p>
<p></p></div>Firewall Checklist - Top 10 Things Your Next Firewall Must Do!https://www.cisoplatform.com/profiles/blogs/firewall-checklist-the-top-10-things-your-next-firewall-must-do2014-05-08T12:00:00.000Z2014-05-08T12:00:00.000ZCISO Platformhttps://www.cisoplatform.com/members/CISOPlatform<div><p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">The <strong>next-generation firewall</strong> is well defined by Gartner as something new and enterprise-focused <strong>“incorporating full-stack inspection to support intrusion prevention, application-level inspection and granular policy control”</strong> .</span></p>
<p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Most network security vendors are now offering application visibility and control by either adding application signatures to their IPS engine, or offering you an add-on license for an application control module. In either case, these options are additive to a port-based firewall, and do little to help you focus on the fundamental tasks your firewall is designed to execute.</span></p>
<p></p>
<p><strong><span class="font-size-4">>><a href="http://www.cisoplatform.com/page/paloalto-firewall-checklist-10-things-your-next-firewall-must-do" target="_blank">Click here for Complete Checklist & Detailed Report</a></span></strong></p>
<p></p>
<p><span style="color:#3366ff;font-family:arial, helvetica, sans-serif;" class="font-size-4"><strong>Next-Generation Firewall Requirements:</strong></span></p>
<ul>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify applications regardless of port, protocol, evasive tactic or decryption.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify users regardless of device or IP address.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Decrypt outbound SSL.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Protect in real-time against known and unknown threats embedded across applications.</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Deliver predictable, multi-gigabit inline deployment.</span></li>
</ul>
<p></p>
<p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Firewall selection criteria will typically fall into three areas: security functions, operations, and performance. The security functional elements correspond to the efficacy of the security controls, and the ability for your team to manage the risk associated with the applications traversing your network. From an operations perspective, the big question is, “where does application policy live, and how hard or complex is it for your team to manage?”</span></p>
<p><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">The performance difference is simple: can the firewall do what it’s supposed to do at the required throughput </span><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">your business needs? </span></p>
<p></p>
<p><span style="color:#3366ff;font-family:arial, helvetica, sans-serif;" class="font-size-4"><strong>The Top 10 Things Your Next Firewall Must Do are:</strong></span></p>
<ul>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify and control applications on any port</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Identify and control circumventors</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Decrypt outbound SSL and control SSH</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Provide application function control</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Systematically manage unknown traffic</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Scan for viruses and malware in all applications, on all ports</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Enable the same application visibility and control for all users and devices</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Make network security simpler, not more complex, with the addition of application control</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Deliver the same throughput and performance with application control fully activated</span></li>
<li><span style="font-family:arial, helvetica, sans-serif;color:#333333;" class="font-size-3">Support the exact same firewall functions in both a hardware and virtualized form factor</span></li>
</ul>
<p></p>
<p></p>
<p><em><span style="font-family:arial, helvetica, sans-serif;" class="font-size-3">What does 'NextGen Firewall' mean to you? Are there more features that should be added to the checklist? Share your views in the comments below<br /> <br /></span></em></p></div>Checklist to Evaluate A Cloud Based WAF Vendorhttps://www.cisoplatform.com/profiles/blogs/checklist-to-evaluate-a-web-application-firewall2014-07-03T19:30:00.000Z2014-07-03T19:30:00.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p align="center" style="text-align:left;">These days, web applications are under siege. Commercially motivated hackers, bots, and fraudsters are attacking around the clock, attempting to steal data, disrupt access, and commit fraud, which today’s next-generation firewalls, IPS and other network security products are unable to safeguard against. So, in order to prevent breaches and downtime against web attacks, DDoS, site scraping and fraud, we have introduced a cost-effective, in-the-cloud, Security as a Service (SaaS) based Web Application Firewall Service. The solution is deployed in reverse proxy mode, so one just needs to route web traffic through the Application Firewall, which will mitigate web attacks & threats in real time and send clean traffic back to the web server.</p>
<p></p>
<p><em><span class="font-size-4">Check-list for Vendor Evaluation:</span></em></p>
<p><strong>1. Deployment Architecture & Mode of Operation</strong></p>
<ul>
<li>Active/Inline, Passive, Bridge, Router, Reverse Proxy etc.</li>
<li>How the SSL traffic is processed & offloading done, whether it terminates SSL connections, passively decrypts traffic etc.</li>
<li>What authentication method is used to validate users/customers</li>
<li>High Availability, Redundancy & Scalability</li>
<li>Protect Multiple Website Behind Single IP</li>
</ul>
<p> </p>
<p><strong>2. Connection Handling & Traffic Processing</strong></p>
<ul>
<li>How the traffic is blocked – Drop Packet, TCP Reset etc.</li>
<li>HTTP versions, Encoding & File transfer Support</li>
<li>Any other protocol support</li>
<li>Response Filtering</li>
</ul>
<p> </p>
<p><strong>3. Detection Technique</strong></p>
<ul>
<li>Normalization technique used</li>
<li>Negative Security Models</li>
<li>Positive Security Models</li>
<li>Minimal False Positives</li>
<li>Signature/Rule Database</li>
<li>How frequently Database is updated</li>
<li>Are APIs available to customize or extend the vendor’s detection functionality</li>
<li>Virtual Patching</li>
<li>Fraud Detection</li>
<li>Business Logic Attacks</li>
</ul>
<p></p>
<p><strong>4. Protection Technique</strong></p>
<ul>
<li>Brute Force Attacks</li>
<li>Cookie based Attacks</li>
<li>Session or Denial of Service Attacks</li>
<li>Hidden Form field Protection</li>
<li>Cryptographic URL & Parameter Protection</li>
<li>Reputation-Based Service</li>
<li>External Intelligence Feed, threat landscape etc.</li>
<li>Protection against Application DDoS</li>
<li>Protection against OWASP Top 10</li>
</ul>
<p> </p>
<p><strong>5. Logging</strong></p>
<ul>
<li>Which commonly used logs are supported</li>
<li>Log Forwarding to Syslog or SIEM</li>
<li>Unique transaction IDs are included with every log message</li>
<li>Log Export facility</li>
<li>Event logs and notification via Email, SMS, Syslog support, SNMP Trap etc.</li>
<li>Log Retention</li>
<li>Sanitization or Masking Critical Data from the logs</li>
</ul>
<p> </p>
<p><strong>6. Reporting</strong></p>
<ul>
<li>Reporting Format Supported</li>
<li>On Demand report generation, automation & scheduling</li>
<li>Report Customization</li>
<li>Report distribution methods available</li>
<li>Customized Block Page Display Message</li>
<li>Compliance Reports</li>
</ul>
<p> </p>
<p><strong>7. Management</strong></p>
<ul>
<li>GUI – Web Based</li>
<li>Multi-Tenancy, RBAC & Secure Administration</li>
<li>Centralized Dashboard, Alerts & Reporting</li>
<li>Support of External APIs</li>
<li>Integration with existing infrastructure</li>
<li>Integration with Vulnerability Scanner, SIEM, DLP etc.</li>
<li>Configuration Management & Backup</li>
<li>Automatic signature update and Install</li>
<li>Profile Learning</li>
<li>Policy Management, Export/Import, Roll back mechanism</li>
<li>WAF Security</li>
</ul>
<p> </p>
<p><strong>8. Performance</strong></p>
<ul>
<li>HTTP level performance</li>
<li>HTTP level performance with SSL enabled</li>
<li>Maximum number of concurrent connections</li>
<li>Performance under Load</li>
<li>Fail-Safe & Pass through when device fails</li>
</ul>
<p></p>
<p><strong>9. Support</strong></p>
<ul>
<li>24*7*365 Support Available</li>
<li>Quality of technical support</li>
<li>Support presence in local City, Country etc.</li>
<li>Direct Support or Partner</li>
<li>SLA, TAT, Escalation Matrix etc.</li>
</ul>
<p> </p>
<p><strong>10. Cost</strong></p>
<ul>
<li>Initial cost</li>
<li>Setup & Implementation Cost</li>
<li>Recurring subscription costs</li>
<li>Patch Update & Upgrade Cost</li>
<li>Any other hidden cost</li>
</ul>
<p> </p>
<p><strong>11. Vendor Reputation</strong></p>
<ul>
<li>Market share, Turnover, Profitability</li>
<li>Any certification like ICSA Labs etc.</li>
<li>Enable PCI 6.6 compliance requirement</li>
<li>Listed by any IT research company like Gartner, Forrester, IDC etc.</li>
<li>Customer Base</li>
<li>Any customer implementation similar to your line of business</li>
</ul>
<p> </p>
<p><em><em>-With Yadavendra Awasthi, Netmagic Solutions Pvt. Ltd., on How To Evaluate a WAF(Web Application Firewall) Vendor <a href="http://ctt.ec/O02fm" target="_blank">ClickToTweet</a></em></em></p>
<p><em>What are your quick tips to evaluate WAF vendors? Share with us in the comments below or write your own article <strong><a href="http://www.cisoplatform.com/profiles/blog/new" target="_blank">here</a></strong> </em><em><br /></em></p></div>(20 Page Guide) Critical Capabilities For Evaluating WAF - Web Application Firewallhttps://www.cisoplatform.com/profiles/blogs/20-page-guide-critical-capabilities-for-evaluating-waf-web-applic2018-07-25T06:30:00.000Z2018-07-25T06:30:00.000ZCISO Platformhttps://www.cisoplatform.com/members/CISOPlatform<div><p><span style="font-size:12pt;">With the increased growth in the usage of the internet, mobile applications, and the Internet of Things, applications become ubiquitous but their security is low key. Deploying an effective WAF will be one of the baseline measures organizations can take to protect themselves from breaches and secure their customers.</span></p>
<p></p>
<p></p>
<p><span style="font-size:12pt;">This is a detailed 20-page guide that helps you understand the critical capabilities for evaluating a web application firewall. This report is created by FireCompass Analysts along with the F5 Networks Team. Organizations can customize this checklist based on their specific requirements. </span></p>
<p></p>
<p><span class="font-size-4"><strong>What will you Find in the Report? </strong></span></p>
<ul>
<li><span style="font-size:12pt;"><font face="arial, helvetica neue, helvetica, sans-serif">Use Cases & Key Evaluation Parameters</font></span><br /> <span style="font-size:12pt;"> </span></li>
<li><span style="font-size:12pt;">Various Deployment Options</span><br /> <span style="font-size:12pt;"> </span></li>
<li><span style="font-size:12pt;">Evaluation Checklist for <span class="il">WAF</span></span></li>
</ul>
<p></p>
<p><span class="font-size-5">>> <a href="https://pre.firecompass.com/report-how-to-benchmark-waf/" target="_blank">Download the Complete Report</a></span></p>
<p></p></div>Forrester Wave WAF Guide 2018 : Top 10 Vendors That Matter & How They Stack Uphttps://www.cisoplatform.com/profiles/blogs/forrester-wave-waf-guide-2018-top-10-vendors-that-matter-how-they2018-08-08T09:30:00.000Z2018-08-08T09:30:00.000ZCISO Platformhttps://www.cisoplatform.com/members/CISOPlatform<div><p><span>The Forrester Wave™ Guide on Web Application Firewall, Q2 2018, is a detailed guide that helps you understand the 33 criteria developed by Forrester for evaluating web application firewall vendors. </span></p>
<p><span>In this evaluation, Forrester has identified the 10 most significant vendors - Akamai Technologies, Amazon Web Services, Barracuda Networks, Cloudflare, F5 Networks, </span>Fortinet, Imperva, Positive Technologies, Radware and Rohde & Schwarz Cybersecurity. Forrester analysts have analysed, researched and scored them. This report shows how each measures up and helps security professionals make the right choice.</p>
<p></p>
<p></p>
<p><span class="font-size-4"><strong>What Will You Find In The Report? </strong></span></p>
<ul>
<li><span>An Understanding Of WAF & How To Use It Effectively<br /> <br /></span></li>
<li><span>WAF Scorecard & Forrester Wave<br /> <br /></span></li>
<li><span>How Each Of The WAF Vendors Measures Up <br /> <br /></span></li>
<li><span>Which WAF Solution Is The Right Fit For Your Company & more</span></li>
</ul>
<p></p>
<p><span class="font-size-5">>> <a href="https://event.cisoplatform.com/forrester-waf-report-q2-2018/" target="_blank">Download The Complete Report</a></span></p></div>