A comprehensive solution encompasses a minimum set of specifications, and firewall services are no exception. Given the wide scope that these products are meant to work in, the key elements that were considered are summarised below.
A system that operates on security concerns should be actively monitored. Managed Firewall products should include active monitoring capabilities, with options for multiple items to be monitored, triggered and trended.
All Firewall Management products would enjoy support from dedicated personnel, the availability of up-to-date patching and support structures based on proactive monitoring.
The argument for manages services includes a mandate for priority engagement as well as delivery, in order to facilitate Enterprise-level support as is likely necessary for high-end requirements.
All clients with Firewall Management services would thus be entitled to priority support, regardless of which package is selected. This means that a service provider would prioritise requests from these clients over clients without managed services portfolios. Furthermore, since a large proportion of managed services suffer from a lack of constant communication, an ideal provider would offer feedback not just when issues arise, but to confirm everything is in working order as well as offer optimisation information.
To ensure as broad an implementation capability as possible for potential clients who are already making use of their own firewalls, the Firewall Management products and associated services should be designed to be compatible with industry-leading vendors’ firewalls.
Currently, models from the following device types are supported:
- Linux-based (IPtables)
- Mikrotik (RouterOS)
- Cisco ASA
Service Level Agreement
A managed service at business level benefits from a well-structured SLA. Having such an agreement clearly defines the scope and responsibilities of the relationship to all parties. In addition, it sets out the performance and communication parameters which form an integral part of service delivery.
Firewall management is an integral component of any firewall solution. Based upon our findings and subsequent testing, we have taken the initiative and successfully “productised” the Firewall Management niche into a set of viable solution options. We are confident that all requirements are addressed across the product range and that our solutions are in line with evolving industry best practises and standards.
Our experiences with this and other practical case studies have resulted in a more formal approach to problem-based innovation, taking each case on its own merits and difficulties, while using information from all available instances to ensure a more diverse and flexible offering. In the applied environment, the Firewall Management service’s primary aim will be to promote far less downtime, the bane of any client’s network edge.