RE: [fw-wiz] firewall rule lifecycle management

From: Bruce Smith (bruce_the_loon_at_tiscali.co.za)
Date: 08/30/05

  • Next message: Skip Carter: "Re: [fw-wiz] firewall rule lifecycle management"
    To: "'Michael Cox'" <michael@wanderingbark.net>, <firewall-wizards@honor.icsalabs.com>
    Date: Tue, 30 Aug 2005 20:09:12 +0200
    
    

    Hi

    From my PIX experience, clear rule counters every month. After a while, look
    for the rules that have zero counts and then remove them. Can be scripted
    and searched with grep.

    Bruce

    -----Original Message-----
    From: firewall-wizards-admin@honor.icsalabs.com
    [mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Michael Cox
    Sent: Tuesday, August 30, 2005 5:25 PM
    To: firewall-wizards@honor.icsalabs.com
    Subject: [fw-wiz] firewall rule lifecycle management

    Hi all.

    Question: What do those of you in large environments do to manage your
    rulesets in terms of removing access that is no longer required? We get
    lots of requests to add access, but are almost never told when
    something can be removed. This is a large corporation with lots of
    subcontractors, B2B, etc., and we're looking for ideas on how others
    get a handle on this (or does anybody?).

    Thanks in advance!
    Michael
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
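
The monthly hit-count review suggested in the reply above, sketched as an added example (not part of the original post). It assumes the `show access-list` output is saved to one file per month before the counters are cleared and that each entry ends in `(hitcnt=N)`; the function names, file names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# stale_rules SNAPSHOT...
# Print every ACL entry whose hit count is 0 in ALL given snapshots.
# An entry missing from any snapshot (e.g. added recently) is not reported.
stale_rules() {
    [ "$#" -gt 0 ] || return 2
    awk -v total="$#" '
        /^access-list .*\(hitcnt=[0-9]+\)/ {
            hits = $0
            sub(/.*\(hitcnt=/, "", hits); sub(/\).*/, "", hits)
            rule = $0
            sub(/ *\(hitcnt=[0-9]+\).*/, "", rule)  # drop the counter
            sub(/ line [0-9]+ /, " ", rule)          # line numbers shift when rules are inserted
            if (!((FILENAME, rule) in counted)) { counted[FILENAME, rule] = 1; seen[rule]++ }
            sum[rule] += hits
        }
        END {
            for (r in sum)
                if (sum[r] == 0 && seen[r] == total) print r
        }
    ' "$@" | sort
}

# Constructed sample snapshots (documentation address ranges, hypothetical ACL name).
write_samples() {
    cat > "$1/2005-06.txt" <<'EOF'
access-list outside_in; 3 elements
access-list outside_in line 1 permit tcp any host 192.0.2.10 eq www (hitcnt=48211)
access-list outside_in line 2 permit tcp host 198.51.100.7 host 192.0.2.20 eq ftp (hitcnt=0)
access-list outside_in line 3 permit tcp any host 192.0.2.30 eq smtp (hitcnt=0)
EOF
    cat > "$1/2005-07.txt" <<'EOF'
access-list outside_in; 4 elements
access-list outside_in line 1 permit tcp any host 192.0.2.10 eq www (hitcnt=51007)
access-list outside_in line 2 permit tcp host 203.0.113.9 host 192.0.2.40 eq 1521 (hitcnt=0)
access-list outside_in line 3 permit tcp host 198.51.100.7 host 192.0.2.20 eq ftp (hitcnt=0)
access-list outside_in line 4 permit tcp any host 192.0.2.30 eq smtp (hitcnt=3)
EOF
}

# Demo: only the ftp entry is unused in both months.
demo_dir=$(mktemp -d)
write_samples "$demo_dir"
stale_rules "$demo_dir"/*.txt
rm -rf "$demo_dir"
```

Entries reported this way are candidates for review with the requester before removal; a rule used only quarterly or yearly will also show zero hits over a short window.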
