Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Transcript of Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
www.hertsdirect.org
Finding and Understanding the Risk Impact of Firewall Changes
Dave Mansfield, Head of IT Technology
Jaswant Golan, Technical Security Officer
Your Speakers
Dave Mansfield – Head of Technology HCC
Head of Technology 3 years
Infrastructure Manager for 5 years
Network and Security Manager for 15 years (Public and Private)
Jaswant Golan – Technical Security Officer HCC
Technical Security Officer 8 years (HCC)
Security Compliance Manager 3 years (Private Sector)
Systems Architect 8 years (Financial Sector)
About Hertfordshire County Council
Business Challenges
• Large and complex infrastructure with many change requests
• Many outsourced service providers
• Limited management visibility of firewall change impacts
• Resource intensive risk identification process
• Ensure compliance with industry standards
Focus on critical risks
Network model to visualize infrastructure
• Threats
• Vulnerabilities
• Assets
• Config data and routing tables
• Layer 3 Devices
Policy Compliance
• Internal security policy
• UK Public Service Network (PSN)
• PCI and ISO 27001
• Trusted zones trusting semi-trusted zones
Compliance Assessment
Automating Change Management Risk Assessment
Technical Details
Change Request
Risk Assessment
Change Implementation
Reconcile and Verify
Automate the management process
• Monitor changes
• Automate risk assessment before change is made
• Identify devices involved
• Deliver access path information immediately
• Handle exceptions
• Reconcile changes
Assess Risk Before Implementation
• Reduced manual effort by 60%
• Police firewall changes
• Focused on outcome instead of ACLs and rules
• ‘Think Security’
Intelligent use of Independent Pen Tests
• Vulnerability Hot Spots
• Attack Vectors
• Virtual pen test
Target concentrations of vulnerabilities to meet SLAs
Target attack vectors against critical assets
Attack Vectors
Target specific attack vectors
Vendor Security Bulletins
Business Units
Technical Groups
Vulnerability Severity
Results
• Understand downstream impact and risk of proposed firewall changes in seconds
• 60% reduction in manual effort for firewall change assessment process
• Complete visibility of security network infrastructure
• Regulatory evidential support
• Understand firewall rules and what they actually do
• Focused on effectively reducing risk
• Able to meet future needs and enable new business services
• Even the firewall blokes are using the tool!
Thank you