Opinion

Top 10 Reasons the Firewall Guy's Hair is on Fire

The firewall is a mature technology, right? Then why do those who manage it feel like they're running a daycare overrun with little savages?

By Mark Desmond, Regional Manager, Tufin Technologies

5.) A user is requesting a change for a new rule, but the firewall guy can't tell if that traffic is already allowed, and has 30 other things to do so he simply adds the new rule with the intention of reviewing it later. Can you guess how the story ends?

4.) Process? Documentation? Authorization? Just how quickly does the CEO need network access?

3.) "You want a rule usage report for firewalls protecting the 50 Web servers in Sacramento? WHAT 50 Web servers in Sacramento?"

2.) "What do you mean the quarterly PCI reports are now MY responsibility?"

1.) It's 3 p.m. and his manager wants to know if all 200 firewalls (with at least 250 rules per firewall) from multiple vendors across six countries are in compliance with seven distinct regulations, two of which are regulations from different countries that contradict each other. And he wants to know by the end of the day.

Operations people are a noble lot. They deal first-hand with the never-ending network complexity, and because their triumphs are measured in disasters avoided, they are therefore rarely, if ever publicly acknowledged.

So, before you deny their request to attend Black Hat/DefCon this summer, re-read this list for a reminder of how much they add to the organization. And then "Any, Any, Any, Accept" the request.

• Email
• Print
• Comments
• Digg This
• SlashDot

• Web Application Firewalls: How to Evaluate, Purchase and Implement
• Network Security: The Basics
• How IT Security Pros Blow Off Steam