September 4th, 2015 by Haseeb Budhani
The most exciting part of my job is speaking to individuals who are at the forefront of securing complex networks belonging to the more well-known brands in the world. I caught up with one such individual this morning and we had a great conversation around managing firewall rules and other security policies.
This particular individual took over a new role recently and one of the projects he prioritized is figuring out exactly who has access to his company’s network and why. Here are some details on this project:
Two key findings from this exercise were:
If you are surprised by the findings above, you are in the minority.
As IT leaders running large networks will tell you, firewall rules and VPN profiles tend to grow exponentially over time and no one really remembers why Jim with Partner-X was given access to the production subnet 4 years ago.
So do these companies need a firewall rule management solution? Not particularly, since such a solution will cover up the problem for a short amount of time but won’t really solve the underlying issue.
Is there a better way? Absolutely.
We believe that no user really needs network access. What they need is application access.
So how can IT/Security grant users application access while protecting their network from unwanted network access? And how do they apply the same solution to their data centers, to their hosted environments, and to their virtual private cloud (VPC) environments in public clouds such as AWS?
Soha Cloud is a solution that can address access-related enterprise security needs. Soha Cloud AirGAPs enterprise applications from the Internet, delivers a better security model than what traditional security solutions provide, and enables secure access for sanctioned users from any device.
We deliver, in the form of an easy-to-consume service, the functionality typically cobbled together using VPNs, ADCs, monitoring tools and an army of engineers. And we do this without requiring any changes to your applications, to your perimeter or infrastructure, or to the end user’s device. Our solution does not give users access to the network – only to applications – while nullifying the network attack surface exposed by traditional infrastructure.
If you and your team have ever wondered what you could do to reduce firewall rule bloat, Soha Cloud can enable you to LOCK DOWN YOUR FIREWALL ENTIRELY. Zero inbound ports open. Period. Doesn’t that sound like a radically better way to secure enterprise networks?
Questions? Comments? Please feel free to get in touch.