Ask the Expert

Who is responsible for the firewalls?

In my company our information security department is different from the network group. The network group handles the installation, upgrade, routing and IP address specification on the firewalls, while information security writes the rules. The problem is that almost all trouble shooting involves the two groups. For instance, in a session that involves VPN tunnels, information security will not be able to delete and reestablish a specific VPN tunnel as they would not have the right to. What have you seen in the industry? Should the firewall responsibility be split between two groups? If not, who should be responsible for the firewalls, information security or the LAN/WAN group?

    Requires Free Membership to View

Information security extends beyond networks and has much wider domain coverage. It's always a good practice to have a separate InfoSec department that works with all the business units and departments and helps implement the organization's ISMS. In regards to networks, Infosec works as an architect whereby they create IT security designs, policies, procedures and define IT security controls based on information security standards for network security. Network Team takes these as inputs and helps implement and enforce the same on their network infrastructure. An example of this is controlling inbound/outbound access through firewall rules.

This was first published in March 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: