This is Sam Erdheim's TypePad Profile.
Join TypePad and start following Sam Erdheim's activity
Join Now!
Already a member? Sign In
Sam Erdheim
Recent Activity
Examining the Need for Application-Centric Security Policy Management
Today's network security policies continue to grow in volume and complexity, yet oftentimes organizations rely upon manual management, which is too cumbersome, inefficient, and error-prone. The result? Increased cost, risk, and ultimately the inability of IT Security and Operations teams to keep up with the needs of the business. An... Continue reading
Posted Apr 10, 2013 at Playing with Fire
Comment
0
State of the Firewall: Even More Q&A with Our Panelists
Image
Continuing our follow-up from the State of the Firewall in 2013 webcast, our panelists addressed questions such as "What's the difference between UTM and NGFW?" and "Besides cost savings, what's the greatest value that a NGFW provides?" In this post, our panelists responded more in a rapid-fire Q&A session to... Continue reading
Posted Mar 5, 2013 at Playing with Fire
Comment
0
State of the Firewall - Panelists Answer More of your Questions
Image
Since it's RSA week, it's a perfect time to continue the discussion of the State of the Firewall in 2013. Last week we attempted to address the most asked question from our State of the Firewall webcast, but we have many more questions to address (and will address in more... Continue reading
Posted Feb 26, 2013 at Playing with Fire
Comment
0
State of the Firewall - UTM vs. NGFW
Image
In our recent webcast discussion alongside panelists from Fortinet, NSS Labs and General Motors, we examined the State of the Firewall in 2013. We received more audience questions during the webcast than the time allowed for, so we'd like to answer these questions through several blog posts in a Q&A... Continue reading
Posted Feb 19, 2013 at Playing with Fire
Comment
2
Back in Time and Back to the Future: Looking at the Evolution of the Firewall
Image
Guest post by Matthew Pascucci, Information Security Writer and Practitioner As we’ve entered a New Year and we look back at the events of the past year, I thought it would be interesting to examine the firewall from its beginning and how it’s evolved. We’ll review the transformation of the... Continue reading
Posted Jan 16, 2013 at Playing with Fire
Comment
1
Enhancing Your Security at the Edge: Part 1 of 2
Image
Guest post by Matthew Pascucci, Information Security Writer and Practitioner I think many of us can agree that the network perimeter as we’ve known it is no longer. In this two-part blog series we won’t spend time on the reasons for this (There are many and you can listen to... Continue reading
Posted Nov 27, 2012 at Playing with Fire
Comment
0
Making the Business Case for Firewall Policy Management: Part 4 of 4
Image
So far, we've examined the business case for firewall policy management around the following areas: Simplifying Firewall Audits and Preparation Reducing the Time to Process Firewall Change Requests Saving Time to Troubleshoot Network Connectivity Issues In our final segment of this blog series, we'll examine the value of extending hardware... Continue reading
Posted Nov 6, 2012 at Playing with Fire
Comment
0
Making the Business Case for Firewall Policy Management: Part 3 of 4
Image
If you manage your organization's network, you have most assuredly had one of those days... where network traffic isn't flowing properly or even worse where there is an outage (see GoDaddy Stops - Why Network Security Management is So Important). Without the proper visibility and tools, the time to troubleshoot... Continue reading
Posted Oct 23, 2012 at Playing with Fire
Comment
1
Ensuring Your Firewalls are Properly Configured
The network perimeter has disappeared for many reasons including some common buzzwords these days such as BYOD, the cloud and more. But what often is overlooked is that the majority of firewall breaches (the traditional first line of defense) are actually caused by improper configurations (see our "horror stories" blog... Continue reading
Posted Oct 11, 2012 at Playing with Fire
Comment
0
Making the Business Case for Firewall Policy Management: Part 2 of 4
Image
In our first blog of this series on the business case for firewall policy management, I examined the potential cost savings from an audit perspective. Part 2 will focus on the financial value of reducing the time required to process firewall changes. Many organizations struggle with change processes because business... Continue reading
Posted Oct 9, 2012 at Playing with Fire
Comment
0
Firewall Policy Configuration Myth Examined
Recently, we posted a blog on firewall misconfiguration horror stories. One of the great security myths is that inbound traffic is more dangerous than outbound traffic. This is based on the false notion that unlike traffic from outside the network flowing in, traffic originating from the inside the network is... Continue reading
Posted Sep 27, 2012 at Playing with Fire
Comment
0
Making the Business Case for Network Security Policy Management: Part 1 of 4
"Return on investment" does not come naturally when evaluating the purchase of security products. The reason for this is fairly simple as you don't get credit for protecting data or for keeping the business running - you only get the blame if data is lost or stolen, or if business... Continue reading
Posted Sep 18, 2012 at Playing with Fire
Comment
0
Network Security Horror Stories: Router Misconfigurations
Guest post by Matthew Pascucci, Information Security Writer and Practitioner In our the last installment of our network security horror stories (part one was on Change Control and part 2 on Firewall Misconfigurations) and today we’re going to focus on router misconfigurations. Like firewalls, routers play an important part of... Continue reading
Posted Sep 12, 2012 at Playing with Fire
Comment
0
Network Security Horror Stories: Firewall Misconfigurations
Guest post by Matthew Pascucci, Information Security Writer and Practitioner Here we are with our second installment of network security horror stories and having already discuss some of the firewall change control issues in this article we’re going to review some firewall misconfigurations I’ve seen at client sites. The firewall... Continue reading
Posted Sep 4, 2012 at Playing with Fire
Comment
1
Network Security Horror Stories: Change Control
Guest post by Matthew Pascucci, Information Security Writer and Practitioner When you’re in IT Security for as long as I have been you’ll most likely have quite a few horror stories regarding firewall change management and some shockingly dumb moves. Here are three isolated issues that I’ve seen in my... Continue reading
Posted Aug 21, 2012 at Playing with Fire
Comment
0
Simplifying Firewall Audits and Ensuring Continuous Compliance: Part 6 of 6
We've reached the final frontier in our blog series on simplifying firewall audits and ensuring continuous compliance. A quick recap of the previous steps examined: Step 1: Gathering Pertinent Information Before You Undergo an Audit Step 2: Review Your Firewall Change Management Process Step 3: Audit Your Firewalls' Physical and... Continue reading
Posted Aug 7, 2012 at Playing with Fire
Comment
0
4 Ways to Persuade Upper Management that Business Agility Can Be Improved through Information Security
Guest post by Matthew Pascucci, Information Security Writer and Practitioner Security has traditionally been viewed as a tradeoff with business productivity. It’s been this way for years. But it doesn’t have to be. CIOs and CISOs need to have their finger on the pulse of security and how it affects... Continue reading
Posted Jul 31, 2012 at Playing with Fire
Comment
0
In the Trenches - How to Secure the Disappearing Network Perimeter
Historically there has always been a clear network perimeter, with traditional firewalls separating internal resources from the outside world. However, with emerging trends such as remote workers, outsourcing, virtualization and bring your own device (BYOD) programs, the network perimeter is eroding. In this Q&A style podcast, we ask infosecurity practitioner... Continue reading
Posted Jul 24, 2012 at Playing with Fire
Comment
0
Automating Firewall Change Management and How to Integrate with Remedy
Managing firewall changes is no simple task. There are several keys to ensuring a smooth firewall change management process - that meets both security and business agility requirements. Automating tasks where possible. Examples of this include, but are not limited to: - Leveraging out-of-the-box change workflows to efficiently manage some... Continue reading
Posted Jul 18, 2012 at Playing with Fire
Comment
0
Simplifying Firewall Audits and Ensuring Continuous Compliance: Part 5 of 6
Ok folks, we're almost at the end of the tunnel with our audit checklist part 5 of our 6 part series on Simplifying Firewall Audits and Ensuring Continuous Compliance, which focuses on risk assessment... after all what's the purpose of undergoing an audit anyway if pinpointing your risk isn't part... Continue reading
Posted Jun 26, 2012 at Playing with Fire
Comment
0
Automating the Change Workflow for Blue Coat Secure Web Gateways
Network complexity is a killer. Managing different network and security devices, from different vendors, distributed across multiple geographical locations isn't easy and can pose operational and security challenges. And on top of that you have to process a flurry of change requests. While many organizations are saddled with managing an... Continue reading
Posted Jun 21, 2012 at Playing with Fire
Comment
0
Class is in Session: Firewall Policy Management for Dummies
Image
School may almost be out (at least where I am), but there's lots of learning to do. Firewalls have been around for a while now and are evolving (watch Next-Generation Firewalls: Overview of Application and User-Aware Policies), but too many organizations are still grappling with the foundational issue of effectively... Continue reading
Posted Jun 14, 2012 at Playing with Fire
Comment
0
Firewall Management 201: Firewall Policies are not a Black or White Decision
Today's threats and complex environment make it hard to effectively define and enforce policies in a black or white fashion... it's just not that simple as there is a lot of fuzziness regarding what's needed and what's risky and how to balance that. And all of these decisions are unique... Continue reading
Posted Jun 11, 2012 at Playing with Fire
Comment
0
Compliant or Complacent? A Security Pro's Viewpoint
Guest post by Matthew Pascucci, Information Security Writer and Practitioner Increased government regulations and industry requirements are forcing organizations to comply with standards that in the long run are actually very useful. Many of the required controls can seriously help improve your security posture – especially if your company is... Continue reading
Posted May 29, 2012 at Playing with Fire
Comment
2
Simplifying Firewall Audits and Ensuring Continuous Compliance: Part 3 of 6
In the first two parts of this blog series I focused on Gathering Pertinent Data for a Firewall Audit and Reviewing the Firewall Change Control Process. In this third installment, I'd like to examine the steps you need to audit your firewalls' physical and operating systems' security. This is important... Continue reading
Posted May 21, 2012 at Playing with Fire
Comment
0
Subscribe to Sam Erdheim’s Recent Activity
The Typepad Team
View all »
0 Favorites