4 Mistakes MSPs Make with Firewall Management

Common pitfalls include poor communication, failing to have clients accept risks, not researching the impact changes can have, and not finding smart ways to deal with the volume of audit log data.

firewall management mistakes

Firewall efficiency increases when you use a firewall management tool. Forrester Consulting conducted a study commissioned by network security policy management solution provider FireMon and found that 59 percent of organizations experience fewer data breaches and higher productivity with firewall management. The study also found that organizations that use firewall management are four times more likely to implement change requests within 24 hours than organizations that don’t use them.

As valuable as firewall management can be, there are right ways and wrong ways to provide it to your clients. Brian Treloggen, Americas Channel Team Lead at FireMon, says there are four common pitfalls managed services providers (MSPs) need to avoid to optimize the firewall management service they provide:

1. Poor Communication

Treloggen says, “The most common mistakes MSPs and their clients make are not properly defining and communicating what is expected and required to handle the tasks that need to be done.” He says MSPs can do a less-than-adequate job of defining the risks of a change request or how it will be used. And your clients often don’t fully describe the request, why it’s needed, and, Treloggen adds, “Just assume the MSP will handle it.”

Train your team and put processes in place that ensure you keep your clients informed and collect the information you need.

2. Failing to Have the Client Accept Risks

It’s also vital to have a mechanism that documents that you explained the risks of a request to your client and that they agreed to them. Treloggen says FireMon, for example, gives MSPs the ability to assign a certification process to the owner or requestor to accept or deny the risks.

“The risks are as far-reaching as the tasks and permissions given to the MSP,” Treloggen says. “If MSPs are not properly handling risk, then devices are most likely not going to be properly handling risk — leaving the client vulnerable.”

3. Taking the Client’s Word

Treloggen also advises MSPs not simply to make every change the client wants. “The first way to cover an MSP from blame is to have the proper people, tools and processes in place,” he says. He points out, however, that you need to address requests quickly so you are not a roadblock to your clients’ success. “The tools that automatically show risk and can define what is relevant to a customer are the only way to keep up with the ever-increasing speeds of business demands,” he says.

4. Not Managing the Volume of Logging Data

He says also to be aware of the amount of bandwidth logging data can consume. “This makes it untenable to send all the logs from a client directly to the MSP. To handle this, most MSPs will provide aggregators or collectors that are placed in the client’s network to get the proper details and then provide an overall alert of event messaging – something like: ‘Log for Activity X has been seen 100 times in the last minute,’” Treloggen explains.

The Bottom Line

Effective firewall management requires your ongoing attention and expertise and open communication between you and your clients. It can help you prevent technical errors, such as redundant rules, and risk creep, but it also builds a strong relationship with your clients. Take the opportunity to elevate your business from the role of a solution or services provider to a trusted business advisor who helps your clients minimize risk and keep their networks safe. 

Mike Monocello

The former owner of a software development company and having more than a decade of experience writing for B2B IT solution providers, Mike is co-founder of Managed Services Journal (formerly XaaS Journal) and DevPro Journal.