Skip to main content

Role Based Firewalls - New products on the anvil

Devices that have varied capabilities are increasing in number. This would lead to the inevitable deluge of devices connecting through Bluetooth, Wifi, Wimax, Fiber and any other medium that is considered good enough for data to be carried over.

The present set of tools that we use for securing networks are part of the risk management stance of an organization. The complexity of the varied devices is making it much more difficult and the balance between productivity and the technology advantage is lost if the organization does not use the latest in technologies.

We are seeing Contractors and end users who want to use their own devices. They want to connect to "The Networks" and the Infosec practitioner is to provide the needed connectivity to resources at the same time ensuring that the data is protected. The Contractor may work for our competitor, how do we ensure that he has access to systems that he needs access to. This is where the new breed of products would come in. The Role Based Firewalls. These rules are to applied based on the role assigned to the user, may be this system needs to talk to the project management and ERP systems to ensure that the Contractor gets to connect to the right set of services.

Lets check out a example scenario. A contractor connects to the system and he has been assigned into the Contractor group in the Active Directory. This same Contractor is also assigned into few projects where his expertise is required. A set of resources are assigned as being required for the Contractor to deliver his services. Based on this profile, the Application Proxy firewall creates a virtual firewall based on the Contractor settings and assigns him to channel all his traffic through that filter.

Is there a product that does something like this? If not I take credit for conceptualizing such a system.

Comments

Popular posts from this blog

Malware Damage - It is real and you need to be ready ...

  Malware, short for "malicious software," is any software intentionally designed to cause harm to computer systems, networks, or devices. Malware can take many forms, including viruses, trojan horses, worms, ransomware, spyware, and adware, among others. The dangers of malware are numerous, and it is crucial to protect yourself from malware to avoid serious consequences, such as: Data theft: Malware can be designed to steal personal information, such as bank account details, social security numbers, and login credentials. Once this information is stolen, it can be used for identity theft, financial fraud, and other malicious activities. System damage: Some malware can damage your computer system, causing it to crash or malfunction. This can result in lost data, system downtime, and costly repairs. Financial loss: Malware can also be used to extort money from victims. For example, ransomware can lock down a victim's computer and demand payment in exchange for the decrypti...

The Finger Knows, even if your brain does not - Passwords

Was reading an interesting article, now that I have lost the link, I may not have it here, though I would fill that in once I get hands on it. This article was how the fingers knows what you are typing even though your eyes reading the content says you typed in wrong. This was done in a research that talks about how they introduced typos, some of the typos were introduced even when it was typed proper and some typos were corrected randomly. The conclusion of the study was that, the finger paused a second, when it typed fine, but the eyes looking at the screen, saying you got it wrong. The pause is because of the auto recognition of the fact by the fingers when you make a typo or that you are sure that you got the correspondence between the eyes and the fingers. Reading the article, made me wonder, have we not always remembered our passwords for different sites. Many a times I have had the opportunity to go to a website and even without thinking for a moment, the fingers go and hav...

A Roadmap to move from Cloud to In premise - The reverse migration -- Is Cloudflation at myth?

 Cloudflation as a term is being used and talks on the spiralling cost of cloud bills for an organization. The easily available and provisioning options leads to workloads that run for no reasons, orphaned accounts and a gamut of costs that are accrued by multiple departments without much of an oversight. There is a trend to reduce the workloads and have a semblance of order. It is imperative that we have plans that helps to reverse the migration to cloud and bring back some of the workloads that might work cheaper to run local. Is there a roadmap to achieve this goal? A few pointers in this direction A roadmap for moving from the cloud to in-premise computing should include the following steps: Assess current workloads: Assess the current workloads that are running on the cloud and determine which workloads would be most suitable for in-premise computing. Identify in-premise infrastructure: Identify the in-premise infrastructure that will be needed to run the identified workloads....