
    Five Tips to Securely Decommission Business Applications

    Accurately identifying and removing access rules for decommissioned applications, without impacting the accessibility of other applications, is a huge issue for many organizations. Oftentimes, unnecessary or overly permissive access rules are left in place due to the fear of making a change that impacts the network or applications.

    In this slideshow, AlgoSec, a security policy management company, examines the challenges of decommissioning business applications and offers five tips for improving security without affecting network operations by removing firewall rules that are no longer in use.


    Click through for five tips to help your organization to securely decommission business apps, as identified by AlgoSec.


    The majority of firewall changes are driven by business applications. Make sure that you can associate all firewall change requests to the appropriate application, so you understand the impact to the application and to the network.


    Identify the rules that are only used by the decommissioned application. Armed with this information, you can ensure that you don’t remove rules that other applications need to function properly. A nice side effect is that you can safely eliminate policy clutter, which can increase the time needed to prepare for audits, assess the policy for risk and troubleshoot connectivity issues, and can degrade firewall performance.


    By keeping a log of your rule usage patterns, over time you will have visibility of rules that are unused and show no traffic hits. This information can also help you identify rules that are safe to retire.


    Leveraging the comment fields within the firewall rule base (if they’re filled out properly) gives you a valuable source of information about the rule: its purpose, what it is tied to, whether it is only intended to be there for a certain period of time, and so on.


    Eighty percent of respondents in AlgoSec’s State of Network Security Survey 2013 noted that application-related rule changes resulted in outages or impaired performance. Changing or decommissioning rules is tricky if you don’t have all of the information you need. If you blindly remove firewall rules, more often than not some very unpleasant side effects will occur. Remember that rules and objects can be shared across multiple applications. For example, if you remove one rule that allows traffic through the entire application zone, as a side effect, you will also break the traffic patterns required by a business application that still needs its connectivity.
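The tips above on exclusive rules, usage logging and shared rules can be combined into one triage pass. This is an added example, not AlgoSec's tooling or code from the original article; the rule IDs, application names and the `plan_decommission` helper are hypothetical, and it assumes each rule has already been mapped to its applications and that hit counts cover the period since the application was shut down.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    rule_id: str
    apps: frozenset  # applications mapped to the rule (from change requests or comments)
    hits: int        # traffic hits logged since the application was shut down (assumption)

# Constructed sample rule base, not taken from any real firewall.
RULES = [
    Rule("r10", frozenset({"payroll"}), 0),
    Rule("r11", frozenset({"payroll"}), 1842),
    Rule("r12", frozenset({"payroll", "crm"}), 5310),
    Rule("r13", frozenset({"crm"}), 0),
    Rule("r14", frozenset(), 0),
    Rule("r15", frozenset(), 77),
    Rule("r16", frozenset({"crm"}), 912),
]

def plan_decommission(rules, app):
    """Sort rules into actions for decommissioning `app` without breaking others."""
    plan = {"remove": [], "verify_traffic": [], "keep_shared": [],
            "unused_candidates": [], "needs_owner": []}
    for r in rules:
        if app in r.apps:
            others = sorted(r.apps - {app})
            if others:
                # Shared rule: another application still needs this connectivity.
                plan["keep_shared"].append((r.rule_id, others))
            elif r.hits == 0:
                # Used only by the decommissioned app and silent: safe to remove.
                plan["remove"].append(r.rule_id)
            else:
                # Mapped only to the decommissioned app but still passing traffic:
                # the mapping may be incomplete, so investigate before removing.
                plan["verify_traffic"].append(r.rule_id)
        elif r.hits == 0:
            # Not tied to this app, but no hits: candidate for a separate cleanup.
            plan["unused_candidates"].append(r.rule_id)
        elif not r.apps:
            # Active rule with no application mapping: find an owner first.
            plan["needs_owner"].append(r.rule_id)
    return plan

if __name__ == "__main__":
    for action, items in plan_decommission(RULES, "payroll").items():
        print(f"{action}: {items}")
```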
