Firewall Insight by Infrasmart Solutions
Provide firewall insight to all your app teams to reduce risk and maintain security.
Firewall Insight gives app teams the focused visibility into firewall rules and usage data that they need to run regular high quality audit and verification controls on a rule-by-rule basis to keep your apps secure.
Problem
Many companies struggle to keep their firewalls correctly configured for the dynamic application environments of today. This is often caused by app teams separated from the network and security teams, using service desk systems to request firewall rule creation/updates/deletions, but without any insight into the actual firewall rules active for their applications. Over time config drift and app server changes causes the security risk to increase due to mismatched firewall rules and application environments, sometimes causing critical security breaches and data leaks.
Many companies struggle to keep their firewalls correctly configured for the dynamic application environments of today. This is often caused by app teams separated from the network and security teams, using service desk systems to request firewall rule creation/updates/deletions, but without any insight into the actual firewall rules active for their applications. Over time config drift and app server changes causes the security risk to increase due to mismatched firewall rules and application environments, sometimes causing critical security breaches and data leaks.
Solution
Firewall Insight helps to avoid mismatched firewall rules and application environments by giving your app teams live visibility into the actual firewall rules created for their application and also the associated usage information like detailed traffic logs and rule hit-counts. Combined with the capability to request, register and log all audit activities performed at the rule level you can be sure that your firewalls and applications are kept secure.
How it works
The Firewall Insight web portal has a secure api interface with your Palo Alto firewalls and your regular authentication backend (e.g. Active Directory) to provide visibility into the specific firewall rules and associated logs and statistics for authenticated app team members. Firewall rule tags are used to identify rule ownership and this is used to provide each app team with a view over only the rules owned by them. All information is live, pulled from the firewalls using api’s. No firewall information stored in the Firewall Insight system database except for rule audit details and the audit trail log.
Firewall Insight helps to avoid mismatched firewall rules and application environments by giving your app teams live visibility into the actual firewall rules created for their application and also the associated usage information like detailed traffic logs and rule hit-counts. Combined with the capability to request, register and log all audit activities performed at the rule level you can be sure that your firewalls and applications are kept secure.
How it works
The Firewall Insight web portal has a secure api interface with your Palo Alto firewalls and your regular authentication backend (e.g. Active Directory) to provide visibility into the specific firewall rules and associated logs and statistics for authenticated app team members. Firewall rule tags are used to identify rule ownership and this is used to provide each app team with a view over only the rules owned by them. All information is live, pulled from the firewalls using api’s. No firewall information stored in the Firewall Insight system database except for rule audit details and the audit trail log.
How to get started
The Firewall Insight system can run on a small dedicated Windows server or installed on a shared server. Prerequisites are some way to identify app team members by e.g. active directory group memberships, and also a completed activity to identify rule ownership and create proper rule tags accordingly. Please note that no changes to your current firewall operation model is required. The Firewall Insight system will interface with your firewalls no matter what operating model you have chosen for them.
The Firewall Insight system can run on a small dedicated Windows server or installed on a shared server. Prerequisites are some way to identify app team members by e.g. active directory group memberships, and also a completed activity to identify rule ownership and create proper rule tags accordingly. Please note that no changes to your current firewall operation model is required. The Firewall Insight system will interface with your firewalls no matter what operating model you have chosen for them.
Contact info@infrasmart.net for more information.