Re: Managed firewalls

[Matthew Perry <mlperry () gmail com>]

Thanks everyone for the recommendations.  This is a new area for me and glad
to hear some feedback from those of you who have experience with it.

On Sat, Feb 12, 2011 at 2:11 PM, Russell Eubanks <
securityeverafter () gmail com> wrote:

> Another good thing to do is a bi- annual firewall review, line by line, to
> make sure the rules are as you intend and reflect your current needs.  Also
> to make sure you are running the most current version of code.
>
> Since they are managing the device for you, I consider it fair game to ask
> for their recommendations after they review your configs every so often. In
> theory, their collective knowledge will be valuable.
>
> All of this will give them the opportunity    to re-earn your business by
> having the prove their value to your business.
>
> Russell
>
>
> On Feb 12, 2011, at 12:13 PM, John Strand <strandjs () gmail com> wrote:
>
> I would also recommend that you periodically "test" them.
>
> Something as simple as a remote Nessus scan, or a outbound clear text
> shell.
>
> See if they catch it.
>
> If they do not, be sure to give them hell.
>
> John
>
> On Fri, Feb 11, 2011 at 8:31 PM, Jack Daniel < <jackadaniel () gmail com>
> jackadaniel () gmail com> wrote:
>
> > Like most things, "it depends".  As Josh said, if the outsourced
> > vendor does a great job, it can be very good.  Big honking "if" there,
> > though.
> >
> > A few questions off the top of my head:
> > What are the SLAs, and how are they enforced?
> > How long does it take to get changes applied?
> > Do you retain ownership of the hardware on premises?
> > Do you "own" the configs, or can they flatten the box when terminated?
> > Do you have audit rights to the systems?
> > What kind of reporting and documentation do they offer?
> > Do they guarantee configurations compliant with your regulatory
> > requirements?
> > What about patching/updating, do they provide a guaranteed update
> > window after patches/fixes are released?
> > Is it all in writing?
> >
> > Jack
> >
> >
> > On Fri, Feb 11, 2011 at 7:12 PM, Matthew Perry < <mlperry () gmail com>
> > mlperry () gmail com> wrote:
> > > All,
> > >
> > > We have been acquired by another company that is use to outsourcing
> > > their management and monitoring of firewalls to another company.  I
> > > have always been against this especially since they would have the
> > > keys for any point to point connections.  How does everyone else in
> > > the pauldotcom community feel about this and is it a standard
> > > practice?
> > >
> > > --
> > > Matthew Perry
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > <Pauldotcom () mail pauldotcom com>Pauldotcom () mail pauldotcom com
> > > <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom>
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: <http://pauldotcom.com>http://pauldotcom.com
> >
> >
> >
> > --
> > ______________________________________
> > Jack Daniel, Reluctant CISSP
> >  <http://twitter.com/jack_daniel>http://twitter.com/jack_daniel
> >  <http://www.linkedin.com/in/jackadaniel>
> > http://www.linkedin.com/in/jackadaniel
> >  <http://blog.uncommonsensesecurity.com>
> > http://blog.uncommonsensesecurity.com
> > _______________________________________________
> > Pauldotcom mailing list
> >  <Pauldotcom () mail pauldotcom com>Pauldotcom () mail pauldotcom com
> >  <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom>
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: <http://pauldotcom.com>http://pauldotcom.com
>
>
>
> --
> John Strand
> Office: (605) 550-0742
> Cell: (303) 710-1171
>
>  _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: <http://pauldotcom.com>http://pauldotcom.com
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com



-- 
Matthew Perry

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com