New and innovative security tools seem to be emerging all the time, but the frontline defense for just about every network in operation today remains the trusty firewall. Firewalls aren’t perfect, but if configured correctly and working as intended, they can do a solid job of blocking threats from entering a network, while restricting unauthorized traffic from leaving.
The problem network administrators face is that as their networks grow, so does the number of firewalls. Large enterprises can find themselves with hundreds or thousands, a mix of old, new and next-gen models, probably from multiple vendors, sometimes accidentally working against each other. For admins trying to configure firewall rules, the task can quickly become unmanageable.
That is where Security Policy Management comes into play. These products used to be called firewall managers, and in truth, they mostly still just manage firewalls – though some also help with routers and switches. They allow administrators to define security policies, and then rely on the programs to – somewhat automatically – make it happen.
We looked at security policy management programs from AlgoSec, Tufin and Skybox. Each suite was deployed and tested in a virtual and physical environment stacked with firewalls from all the top vendors including Palo Alto, Cisco, WatchGuard, Check Point and others. We deployed new security policies, tracked and identified traffic flow complications, decommissioned old or non-functional rules and checked configurations against desired security policies and regulatory requirements.