I set a goal for my security team this year - Simplify, and then add lightness - just like Colin Chapman said.  With this in mind, we are changing our firewall at the office, as we now run almost all our services in AWS.  Would someone here have a sample or template for a firewall configuration specification that I could use as a starting point please?

NetworkRisk ManagementStrategy & Architecture+1 more
2.2k views5 Upvotes4 Comments
Director of IT in Software, 201 - 500 employees
You can try the following links for the template.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html

https://asecure.cloud/a/NetworkFirewall/
1
CIO in Healthcare and Biotech, Self-employed
The answer, as usual, is: it depends. If you have a site-to-site VPN to their AWS environment, Amazon provides very clear templates for a variety of firewall platforms. If you are using Direct Connect, then it's just a matter of setting up the right routes. I think much more detail is needed before a question like this can be answered. Hope this helps.
2
Director in Manufacturing, 1,001 - 5,000 employees
This is out of my wheel house by a decade or more.  However in my experience you can get a very good starting point from the hardware vendor.  We were using CISCO a lot and I always started with their examples as a starting point and turned it from there to open or close off more services.
2
Worldwide Strategy & Portfolio, Cross Industry (Supply Chain, ESG, Engineering, Customer Experience, Intelligence Automation, ERP) in Manufacturing, 1,001 - 5,000 employees
Hi! Without too much information, I would advise to review the AWS Security best practices https://docs.aws.amazon.com/vpc/latest/userguide/security.html and apply the principles based on the company’s needs. One recommendation for replacement or SaaS, FortiGate has a great service and value currently.

Content you might like

Would your company consider using a Time-as-a-Service model for your time synchronization needs?

Strategy & Architecture

We already use a Time-as-a-Service model21%

We would consider a Time-as-a-Service model60%

We would not consider a Time-as-a-Service model19%


130 PARTICIPANTS
576 views

Where do you foresee the COVID-19 outbreak will have the most impact on your organization over the next month?

Strategy & ArchitectureBusiness Continuity & Disaster Recovery

Supply chain disruption24%

Sales growth slowdown36%

Decline in employee productivity15%

Stalled or suspended production/operations7%

Large redeployment or change in staff responsibilities4%

Disruption in new projects/ventures7%

Employee layoffs, furloughs or reduction in hours2%

Change in customer needs4%

No impact1%


253 PARTICIPANTS
837 views

Is the Double Diamond Design Model Still Relevant? In today’s world where code can be pushed multiple times a day, and prototypes quickly tested, the rigid phases of the Double Diamond can feel constraining. The model’s omission of execution for three-quarters of the process could create significant risk. Do you think is it time to reconsider this design approach?

End-User Services & CollaborationDisruptive & Emerging TechnologiesStrategy & Architecture
367 views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
41k views131 Upvotes319 Comments

What methods are you using to assess your organization's cyber maturity?

Security Strategy & RoadmapRisk ManagementGovernance, Risk & Compliance
583 views3 Upvotes