We are regularly engaged by clients who are looking to enhance or replace their perimeter security solution (e.g. firewalls).
When we embark on a project like this, we rarely approach the problem from a technical or network standpoint. To implement a solution that confidently protects a customer's network and information assets, you first need to understand their business. What systems do they use? Where are their users located? How many sites? Do they permit remote access? Who and what should access the internet?
In these circumstances, we often use the existing policy as a baseline but not the blueprint. We develop an understanding of their organisation and identify how a network security solution can form part of the overall security and network architecture.
Our project approach
Our typical project approach for a firewall solution, whether it be an external firewall providing perimeter security or an internal firewall solution, is as follows:
1 – Understand
The first step in a project such as this is to understand your business. Our consultants need to develop an understanding of your business, your customers, business processes and systems. Internet-connected devices, the cloud, mobile devices and the emergence of malware and similar threats all pose a threat to your business. The threats, risks and any regulatory obligations (e.g. PCI) will enable us to understand the level of security that is required. Security solutions are ultimately driven by a combination of financial and reputational risk; ServiceTech recognise a business case needs to underpin any security solution.
2 – Assessment and requirements analysis
The assessment phase comprises two stages. First, we evaluate the firewall and network security policy you currently have in place. Second, we assess how your current solution maps to the needs uncovered in phase 1.
Does the existing solution provide adequate protection? Has the solution or rule-set evolved with the business and changing platforms? The findings of this phase will identify any gaps and provide inputs for the development phase.
3 – Develop
The goal of the development phase is to develop a security policy that provides adequate security for your business. This phase will include the planning, architecture and conversion of any existing security policy. The scope of this process will include firewall rules, IPS policies, antivirus and content filtering, web and application control, management and reporting. We pay particular attention to intricacies such as TCP and UDP timers, ALGs, NAT behaviour and platform-specific oddities (of which there are many). This level of detail, coupled with our experience, ensures a smooth migration and switchover.
4 – Review
At this point in the project MTG will undertake a full joint review of the proposed security solution. This phase will also provide an opportunity for an additional clean-up of the firewall rule policy and configuration.
5 – Test
Prior to the new solution being introduced into a live environment, MTG will run a series of tests to baseline the solution before the migration. This testing process is facilitated through the use of test plans, scripts and network analysis software. For example, internet access can be tested, access to cloud applications determined and the availability of other key business systems confirmed.
We will work with the customer to ensure the test scenarios and scripts are applicable to their infrastructure, systems and application base, as uncovered in phase 1.
Testing will also be undertaken at Steps 6 and 7, continuing after every change or new business requirement.
6 – Implement
The implementation phase or “cut-over” is arranged for a maintenance window, typically outside of normal business hours. MTG will perform sanity checks to ensure traffic is passing through the firewall and the new solution is behaving as expected. If changes are required, configuration adjustments can be made in order to resolve any particular issues. Once the solution is in production and the configuration has been accepted by the customer, MTG will be contactable to resolve any migration or implementation-related issues.
7 – Manage
Now that the solution has been introduced into the live environment, MTG will manage the solution and its day-to-day configuration. The customer can submit change requests by e-mail or telephone, which will then be actioned by MTG according to an agreed process. The detail of the change control process and the SLA that governs this service is available in a separate document.
Transition to a UTM/NGFW solution today
We work closely with Fortinet, a leading manufacturer of Next Generation and UTM Firewalls. We have been engaged in dozens of projects, migrating clients away from ageing Cisco ASA, Juniper NetScreen, SonicWall and WatchGuard firewalls. ROI is a vital component of any security project, and the technology and rich feature set make it very easy to demonstrate an ROI to key business stakeholders.
Greater network insight, safeguarding against cyber-threats, an integrated wireless controller, secure mobile working and high availability are key selling points. Perhaps more importantly, the reporting and MI garnered from the device can be used to demonstrate its effectiveness. The next generation firewall ceases to be that expensive box we just bought, and it can demonstrate its effectiveness (and thus ROI) to the board. Protection against APTs, intrusion prevention, DLP and sandboxing are key security enablers.
We have experience implementing firewalls in SMB, enterprise and service provider environments. Our engagement can be consultancy, supply only or a fully managed security service.