Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: firewall rule lifecycle management
From: Joe Matusiewicz <joem () nist gov>
Date: Tue, 30 Aug 2005 15:08:33 -0400

At 11:25 AM 8/30/2005, Michael Cox wrote:
Hi all.

Question: What do those of you in large environments do to manage your
rulesets in terms of removing access that is no longer required? We get
lots of requests to add access, but are almost never told when
something can be removed. This is a large corporation with lots of
subcontractors, B2B, etc., and we're looking for ideas on how others
get a handle on this (or does anybody?).

Once a year we get the diverse groups in a room and review the rules. It's a long meeting and you will always hear the words "that box doesn't exist anymore".

-- Joe

firewall-wizards mailing list
firewall-wizards () honor icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]