Consistent configuration polices and optimized rulesets

This organization is a leading multinational retailer, and one of the UKs biggest supermarkets with over 300,000 employees and sales of over £50 billion. Against the backdrop of a ruthless competitive landscape, inflationary pressure, and the need to keep prices low, the organization’s IT infrastructure must be at the top of its game.

It’s an immense challenge. Firewall rules are dynamic and there is constant demand for configuration changes to accommodate new services and processes. Across a global firewall estate, many of the administrative tasks are devolved to localized teams. Even with carefully documented change procedures, it can be difficult to maintain overall visibility of what the firewall rules are doing.

So when the organization decided to re-invest in the firewall infrastructure, they wanted a solution that would give them a single, consistent view of the state of all the firewalls and firewall rules, develop consistent configuration polices, and optimize rules for maximum performance.

 “With over 30,000 firewall rules and the constant demand for changes in configuration, we had to have a solution that would give us visibility, consistency, and performance.”

Manage access and maintain cyber hygiene

The company chose Skybox Security’s Firewall Assurance to help them to implement procedures to manage firewall access, optimize performance, and maintain cyber hygiene.

Using Firewall Assurance they can analyze firewall rule sets, platform configurations, and usage information, as well as performing rule-base optimization checks, policy and rule re-certification, and using the information to trigger change processes.

Firewall Assurance automates and improves cyber hygiene tasks, including logging, configuration, and change tracking. It also enables the team to find and eliminate redundant, shadowed, or overly permissive firewall rules, detect access policy violations, rule conflicts, and misconfigurations.

“With a single setting on Skybox, I can have a consistent configuration across all firewalls.”

Looking beyond the perimeter

Using Skybox, the team can rely on having a consistent overview of the state of all the firewalls in the organization at their fingertips.

With any estate of firewalls, there is always a risk that too many permissive rules can be introduced over time. With Skybox the team can rely on a single source of truth for firewall changes and ensure that access is correctly managed.

The team leverages the APIs provided by Skybox to analyze access and can answer questions such as, “Do we need a rule?” on an as-needs basis. 

Using Skybox, the organization has been able to review and test all the firewalls on the organizational perimeter and look at the zoning policies used to mitigate against the risk of a lateral move, should an attacker breach the perimeter.

“With over 4,000 networks, we can see exactly which ones are in which zones, helping ensure we control access and minimize risk.”