Security Basics mailing list archives
Re: Managing Firewalls
From: "Rajeev Gupta" <rgup14 () gmail com>
Date: Fri, 1 Sep 2006 07:28:15 -0400
At a minimum, customers would like to see a mix of the following: 1. View their policy in read-only 2. View live logging of their traffic - if not 'live', they would ask for historical log files or reporting based on these logs analysis 3. Maintaining certain naming conventions for their networks/objects which needs to be resolved based on ISP naming conventions. 4. Monitoring of the firewall/VPN devices for any hw failures/CPU spikes or various fw processes by ISP 5. Traffic analysis and reports in various categories - such as 'the top 10 services being used', trend-analysis to assess and scale up hw/software. 6. They would like to see effective 'reprovisioning/replacements' policies in view of any hw/os/fw failure. These are based on real experience from ISP level and may serve a starting point for you - very raw list but hope it helps. Rajeev On 8/31/06, Ravi Malghan <rmalghan () yahoo com> wrote:
Hi: I am in a Managed Security Environment managing 100+ netscreen and checkpoint firewalls. The current management/monitoring we provide is very messed up and I want to start from scratch. I am trying to understand what kind of management functionalities do typical enterprise customers like to see from their ISP as far as the firewalls are considered. Since the type of customers vary (financial, health etc), I am trying to come up with a base framework from which I can built additional functionalities based on the type of customer. Currently I collect logs from all the firewalls and store them in a database. Are there any whitepapers or standards? Any suggestions on where I can start from? Thanks in advance. Ray __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Managing Firewalls Rajeev Gupta (Sep 05)