| Firewalls and Security Risks | | | | firewall administrator are usually different individuals, |
| Firewalls are dangerous! Let me explain, the primary | | | | they may be unclear on the precise impact of their |
| function of firewalls is to provide a buffer from | | | | own decisions on each other\'s domains. In addition, |
| external attacks. Firewalls give people a feeling that | | | | administering a firewall requires making frequent, small |
| their systems on internal networks are secure, which | | | | changes to the configuration, effectively changing the |
| leads to a sense of complacency. But what they have | | | | firewall\'s security policy dynamically. Making any |
| actually done by putting a firewall is, put their systems | | | | changes to the firewall configuration, without fully |
| at higher risk, by allowing access between internal and | | | | understanding the implications of that change, puts the |
| external networks. The proper configuration of | | | | network at higher risk of being attacked. |
| firewalls, such that it provides maximum cover from | | | | What network administrators need is an effective tool |
| security risks, demands significant network | | | | that will, at click of a button, show them the impact of |
| administration skills as well as level of understanding of | | | | their rule change on the overall network policy. A tool |
| organizational infrastructure. There are two immediate | | | | that can perform what-if analysis of rule changes and |
| impacts on Firewall installation on an organization’s | | | | show the impact on network security policy even |
| psyche. First of all there is an almost certain increase in | | | | before the configuration is modified. Athena FirePAC, |
| amount of message traffic once the firewall is put in | | | | from Athena Security Inc. is a product which precisely |
| place. Secondly, people take more lenient approach | | | | does that. |
| towards the files or e-mails coming from unknown | | | | Reducing Security Risks using FirePAC |
| sources. These two can be a lethal combination. The | | | | FirePAC can help network administrators in reducing |
| very device that was meant to protect your network | | | | the security risks in many ways. First of all FirePAC |
| becomes the main culprit when systems are under | | | | can inform network administrators about the potential |
| attack from hackers. | | | | impact of change on their security policy, without |
| Network Security Policies and Firewall | | | | actually making any changes to the firewall |
| It is always good to have a well defined security policy | | | | configuration. Secondly FirePAC provides them |
| before the firewall is installed and configured. But | | | | comprehensive risk analysis report, which pin-point the |
| it’s not as easy as it sounds. Not all responsible | | | | security risks, clearly identified on the scale of High, |
| policy-makers would necessarily know how to state | | | | Medium and Low. This report is generated based on |
| their policy requirements. The second problem comes | | | | over 100 security checks derived from industry |
| in translating between the security policy and the | | | | standard network security specifications. |
| firewall implementation. Since the policy maker and the | | | | |