Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
12
www.hertsdirect.org Finding and Understanding the Risk Impact of Firewall Changes Dave Mansfield, Head of IT Technology Jaswant Golan, Technical Security Officer
-
Upload
skybox-security -
Category
Technology
-
view
86 -
download
0
description
“Instead of six to ten days to analyze the impact of proposed firewall changes, with Skybox it takes six to ten minutes.” - Jaswant Golan, Technical Security Officer, Hertfordshire County Council If you struggle to understand the downstream risk impact of firewall changes, this is one presentation you don’t want to miss! On Thursday 1 May, Hertfordshire County Council will present a case study on reducing risk, increasing network visibility and optimizing security management processes. In addition to firewall change management and network visibility, Mansfield and Golan will share how risk analytics have changed the way they think about network security and vulnerabilities. No longer tied to manual analysis, the security team can focus on the big picture – reducing risk.
Transcript of Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
www.hertsdirect.org
Finding and Understanding the Risk
Impact of Firewall Changes
Dave Mansfield, Head of IT Technology
Jaswant Golan, Technical Security Officer
www.hertsdirect.org
Your Speakers
Dave Mansfield – Head of Technology HCC
Head of Technology 3 years
Infrastructure Manager for 5 years
Network and Security Manager for 15 years (Public and Private)
Jaswant Golan – Technical Security Officer HCC
Technical Security Officer 8 years (HCC)
Security Compliance Manager 3 years (Private Sector)
Systems Architect 8 years (Financial Sector)
www.hertsdirect.org
About Hertfordshire County Council
Heading
Sub heading
Body text
Business Challenges
• Large and complex infrastructure with many change requests
• Many outsourced service providers
• Limited management visibility of firewall change impacts
• Resource intensive risk identification process
• Ensure compliance with industry standards
Focus on critical risks
www.hertsdirect.org
Network model to visualize infrastructure
Threats Config data and routing tables
Vulnerabilities Layer 3 Devices
Assets
www.hertsdirect.org
Policy Compliance
• Internal security policy
• UK Public Service Network (PSN)
• PCI and ISO 27001
• Trusted zones trusting semi-trusted zones
Compliance Assessment
www.hertsdirect.org
Automating Change Management Risk Assessment
Technical
Details
Change
Request
Risk
Assessment
Change
Implementation
Reconcile
and Verify
Automate the management
process
• Monitor changes
• Automate risk assessment before change is made
• Identify devices involved
• Deliver access path information immediately
• Handle exceptions
• Reconcile changes
www.hertsdirect.org
Assess Risk Before Implementation
• Reduced manual effort by 60%
• Police firewall changes
• Focused on outcome instead of ACLs and rules
• ‘Think Security’
www.hertsdirect.org
Intelligent use of Independent Pen Tests
Vulnerability Hot Spots Attack Vectors Virtual pen test
Target concentrations of
vulnerabilities to meet SLAs
Target attack vectors against
critical assets
Attack Vectors
Target specific attack vectors
Vendor Security Bulletins
Business Units
Technical Groups
Vulnerability Severity
www.hertsdirect.org
Results • Understand downstream impact and risk of proposed
firewall changes in seconds
• 60% reduction in manual effort for firewall change assessment process
• Complete visibility of security network infrastructure
• Regulatory evidential support
• Understand firewall rules and what they actually do
• Focused on effectively reducing risk
• Able to meet future needs and enable new business services
• Even the firewall blokes are using the tool !
www.hertsdirect.org
thank you
www.hertsdirect.org
