Post on 24-Jun-2015
description
Network Security Management Survey 2011
• Firewalls act as the first line of defense for an organization.
• However the network environment is complex, with numerous devices, hundreds, if not thousands of rules within just one firewall, and multiple firewalls from different vendors geographically dispersed.
• This survey examines network security management challenges and looks to provide key insight into opportunities to optimize IT resources and budget.
Introduction
Confidential 2
• This survey was conducted at RSA 2011.
• 108 respondents are deeply involved in their organization’s IT function and have at least a moderate involvement in network operations.
• 95 percent are Information Security professionals.
• 5 percent are Network Operations professionals.
• No AlgoSec employees, customers or partners are counted in the results.
Methodology
Confidential 3
• All security gateways cause network outages.
• Human error is the most common reason for network outages.
• Security change management is a huge challenge.
Key Findings
Confidential 4
• Every network device is represented with firewalls causing the most outages.
• IDS/IPS caused the least amount, however it is only deployed by 41% of respondents.
Confidential 5
Which devices have caused the most network disruption in the last 12 months?
• Human error is the most common cause.
Confidential 6
What is the most common cause of network outages?
A key recommendation is to shift investment from buying additional capacity into automating security management.
• Firewalls require the most time to audit, configure and update.
Confidential 7
What technologies require the largest time investment?
• There is a high volume of change at the gateway.
Confidential 8
What is the reason for the large investment?
Manually testing, applying and documenting changes requires significant time and money.
• Firewall configuration errors occur frequently and change management is often a weak link in the security and operations chain.
Confidential 9
Summary
Key Recommendations include: • Ensure network security and operations personnel
understand the impact of changes and that policies are clearly defined, documented and followed.
• Automate previously manual tasks to reduce errors and
improve operational efficiency.
• Here are additional resources to help you further research automating network security policy optimization and change management:
Confidential 10
Educational Resources
• Firewall Management: 5 Challenges Every Company Must Address
• The Big Collection of Firewall Management Tips • T-Mobile Video Testimonial • Verizon Business Video Testimonial • Free 30 Day Trial of AlgoSec Security Management Suite
Security Management. Made Smarter.
www.AlgoSec.com
Connect with AlgoSec on: