Q

Who is responsible for the firewalls?

Firewall responsibility complications are cleared up in this Q&A with network security expert Puneet Mehta.

In my company our information security department is different from the network group. The network group handles the installation, upgrade, routing and IP address specification on the firewalls, while information security writes the rules. The problem is that almost all trouble shooting involves the two groups. For instance, in a session that involves VPN tunnels, information security will not be able to delete and reestablish a specific VPN tunnel as they would not have the right to. What have you seen in the industry? Should the firewall responsibility be split between two groups? If not, who should be responsible for the firewalls, information security or the LAN/WAN group?
Information security extends beyond networks and has much wider domain coverage. It's always a good practice to have a separate InfoSec department that works with all the business units and departments and helps implement the organization's ISMS. In regards to networks, Infosec works as an architect whereby they create IT security designs, policies, procedures and define IT security controls based on information security standards for network security. Network Team takes these as inputs and helps implement and enforce the same on their network infrastructure. An example of this is controlling inbound/outbound access through firewall rules.
This was first published in March 2007

Dig deeper on Network Security Best Practices and Products

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close