The protection that firewalls provide is only as good as the policy they are configured to implement. Analysis of real configuration data shows that corporate firewalls are often enforcing rule sets that violate well-established security guidelines.
Excerpt:
Firewalls are the cornerstone of corporate intranet security. Once a company acquires a firewall, a system administrator must configure and manage it according to a security policy that meets the company's needs. Configuration is a crucial task, probably the most important factor in the security a firewall provides.
In this article, Avishai Wool focuses on rule sets for Check Point's FireWall-1 product and, specifically, on 12 possible misconfigurations that would allow access beyond a typical corporation's network security policy. By documenting the frequency of these misconfigurations in actual firewall data, Wool was able to check whether configuration quality is correlated with other factors: specifically, the operating system on which the firewall runs, the firewall's software version, and a new measure of rule-set complexity.
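The article's central point is that a rule set can be syntactically valid yet permit access the written security policy never intended. The following is an added example, not code from Wool's article and not tied to FireWall-1's rule syntax: it expresses a policy as an explicit allow-list of (destination network, service) pairs and audits a rule set against it, reporting every accept rule that grants access beyond the list. The `Rule` format, the policy, and the sample rules are all constructed for this example; the 12 misconfigurations the article studies and its complexity measure are not reproduced here.

```python
# Added example (not from the article): audit a constructed firewall rule set
# against an explicit allow-list policy and report accept rules that reach
# beyond it. Rule format, policy and sample rules are assumptions made here.
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Rule:
    src: str       # source network in CIDR notation, or "any"
    dst: str       # destination network in CIDR notation, or "any"
    service: str   # "proto/port" such as "tcp/443", or "any"
    action: str    # "accept" or "drop"


# Constructed policy: the only destination/service pairs that may be reached.
POLICY = {
    ("10.0.1.0/24", "tcp/80"),
    ("10.0.1.0/24", "tcp/443"),
    ("10.0.2.0/24", "udp/53"),
}

# Constructed rule set, evaluated top to bottom like a typical firewall.
RULES = [
    Rule("any", "10.0.1.0/24", "tcp/80", "accept"),        # within policy
    Rule("any", "10.0.1.10/32", "tcp/443", "accept"),      # within policy (subnet)
    Rule("any", "10.0.2.0/24", "any", "accept"),           # service wildcard
    Rule("any", "any", "tcp/22", "accept"),                # destination wildcard
    Rule("192.168.0.0/16", "10.0.3.0/24", "tcp/445", "accept"),  # not in policy
    Rule("any", "any", "any", "drop"),                     # cleanup rule, fine
]


def _covered(dst: str, service: str, policy) -> bool:
    """True if everything this accept rule permits is inside the allow-list."""
    if dst == "any" or service == "any":
        # A wildcard necessarily matches traffic the explicit list omits.
        return False
    net = ip_network(dst)
    return any(
        net.subnet_of(ip_network(p_dst)) and service == p_svc
        for p_dst, p_svc in policy
    )


def audit(rules, policy):
    """Return (rule number, reason) for each accept rule that exceeds policy."""
    findings = []
    for idx, rule in enumerate(rules, start=1):
        if rule.action != "accept":
            continue
        if not _covered(rule.dst, rule.service, policy):
            findings.append(
                (idx, f"accepts {rule.service} to {rule.dst} from {rule.src}, "
                      f"which is outside the policy allow-list")
            )
    return findings


if __name__ == "__main__":
    for number, reason in audit(RULES, POLICY):
        print(f"rule {number}: {reason}")
```

Run as a script it lists rules 3, 4 and 5. The design choice worth noting is that a wildcard in the destination or service field is treated as a finding unconditionally: an allow-list policy cannot be satisfied by "any", so such rules are exactly the kind that let access slip past the written policy.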