Improve Your Security Posture With New Overly Permissive Firewall Rule Insights

  • aster.cloud
  • September 29, 2021
  • 4 minute read

Are you a network security engineer managing large shared VPCs with many projects and applications deployed, and struggling to clean up hundreds of firewall rules that have accumulated over time in the VPC firewall rule set?

Are you a network admin setting up open firewall rules to accelerate cloud migration, but later struggling to close them down without worrying about causing outages?

Are you a security admin trying to get a realistic assessment of the quality of your firewall rule configuration, and to evaluate and improve your security posture?

If the answer to any of the questions above is a “Yes”, you’ve come to the right place!

Firewall Insights and What’s New?

In a previous blog post, we introduced the new tool Firewall Insights, which provides visibility into firewall rule usage metrics and automatically analyzes firewall rule misconfigurations. Today we would like to introduce a new module within Firewall Insights called “Overly Permissive Firewall Rule Insights”.

Overly permissive firewall rules have been a major issue for many of our customers, both during cloud migration as well as the subsequent operational phase. In the past, some customers have attempted to address this pain point by writing their own scripts or manually reviewing large volumes of firewall rules to detect the problem. The results have not been successful.

With the “Overly Permissive Firewall Rule Insights”, customers can now rely on GCP to automatically analyze massive amounts of firewall logs and generate easy-to-understand insights and recommendations to help them optimize their firewall configurations and improve their network security posture.

Overly Permissive Firewall Rule Insights


The type of insights and recommendations that can be generated through the Overly Permissive Firewall Rule analysis include the following:

  • Unused firewall rules
  • Unused firewall rule attributes, such as IP ranges, port ranges, tags, service accounts, etc.
  • Open IP and port ranges that are unnecessarily wide

In addition, using machine learning algorithms, the Firewall Insights engine can also look for similar firewall rules in the same organization and use their historical usage data to predict future usage of those unused rules and attributes, giving users an additional data point to make better decisions during firewall rule optimization.

Now let’s take a look at how you can generate these insights for your projects.

  • Enable and configure the Overly Permissive Firewall Rule Insights

First you will need to enable the “Overly Permissive Rule Insights” module on the Firewall Insights page – Configuration:

[Figure 1: Overly Permissive Firewall Rule Insights]

Once enabled, the system will start scanning the firewall logs for the project during the “Observation Window” and generate insight updates on a daily basis.

The default observation window for this analysis is 6 weeks, but you can adjust it to match your traffic pattern in the “Observation Period” configuration tab:

[Figure 2: Overly Permissive Firewall Rule Insights]

  • Discover unused allow rules and attributes to clean up

    If you are like most of the network and security admins working with complex cloud networks, you probably have accumulated a set of firewall rules that you know are not optimally configured, but don’t know where to start to clean them up.

    With the Overly Permissive Firewall Rule Insights, you can rely on GCP to help give you the answer. Once you enable this module and firewall logging for the target project, the system will analyze all network logs to reveal the traffic pattern that is going through the firewall rules.

    Firewall Rule Insights will automatically generate a list of allow rules that have no hits, and of specific IPs, ports, or tags configured in an allow rule that have no hits, so you can focus your investigation on this group of rules and attributes for cleanup.

    Meanwhile, the system will also look at similarly configured firewall rules in your organization and their hit patterns to predict whether the unused rules and attributes are likely to be hit in the near future, so that you can use this information as a reference when deciding whether it is safe to remove a rule or attribute from your firewall rule configuration.

[Figure 3: Overly Permissive Firewall Rule Insights]
[Figure 4: Overly Permissive Firewall Rule Insights]
[Figure 5: Overly Permissive Firewall Rule Insights]

  • Get recommendations on how to minimize permitted IP & port ranges

    Sometimes when you are in a hurry to get application connectivity established, you may open an overly wide IP or port range on your firewall, thinking you will close it down later, but never really do it properly. This is a common problem that many network and security admins run into. A typical scenario where this happens is during cloud migration. If this is an issue you are struggling with, you now have a solution with the Overly Permissive Firewall Rule Insights.

    With Overly Permissive Firewall Rule Insights, customers can rely on GCP to automatically scan the firewall logs for a VPC network, analyze its firewall rules and the patterns of the traffic coming in and out of this network, identify these overly permissive IP and port ranges in the allow rules, and make recommendations on how to replace these wide ranges with smaller ranges that close down the portions not needed for legitimate traffic.

[Figure 6: Overly Permissive Firewall Rule Insights]
[Figure 7: Overly Permissive Firewall Rule Insights]

To ensure this function works properly and makes accurate recommendations, you will need to enable firewall logging for all rules you are looking to optimize, because the engine relies on Firewall Logs as its data source for the analysis. The insights are updated on a daily basis, based on incremental analysis of the new log entries processed for that day.
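To make the log-driven part of this analysis concrete, here is an added Python illustration (not Google's Firewall Insights code, which additionally uses organization-wide usage predictions). It runs the three insight types, unused rules, unused attributes, and narrowable source ranges, over constructed firewall log entries, assuming the default six-week observation window and a simple heuristic of proposing the /24 networks actually observed in place of a wide source range.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# Constructed allow rules: the source ranges and TCP ports each rule permits.
RULES = {
    "allow-web":    {"src": ["0.0.0.0/0"], "ports": [80, 443]},
    "allow-admin":  {"src": ["10.0.0.0/8", "192.168.0.0/16"], "ports": [22, 3389]},
    "allow-legacy": {"src": ["172.16.0.0/12"], "ports": [8080]},
}
# Constructed log entries: (timestamp, matched rule, source IP, destination port).
LOGS = [
    ("2021-09-20T10:00:00Z", "allow-web",    "203.0.113.5", 443),
    ("2021-09-21T11:30:00Z", "allow-web",    "203.0.113.9", 443),
    ("2021-09-22T08:15:00Z", "allow-admin",  "10.1.2.3",     22),
    ("2021-07-01T09:00:00Z", "allow-legacy", "172.16.4.4", 8080),  # before the window
]

def in_window(ts, window_end, window_days):
    """True if the RFC 3339 timestamp falls inside the observation window."""
    t = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return window_end - timedelta(days=window_days) <= t <= window_end

def analyze(rules, logs, window_end, window_days=42):
    """Report unused rules, unused attributes and narrower source ranges."""
    hits = {name: {"src": {}, "ports": set()} for name in rules}
    for ts, rule, src_ip, port in logs:
        if rule not in rules or not in_window(ts, window_end, window_days):
            continue
        for rng in rules[rule]["src"]:
            if ipaddress.ip_address(src_ip) in ipaddress.ip_network(rng):
                # Remember the /24 the hit came from, for the narrowing advice.
                seen = str(ipaddress.ip_network(f"{src_ip}/24", strict=False))
                hits[rule]["src"].setdefault(rng, set()).add(seen)
        hits[rule]["ports"].add(port)
    report = {"unused_rules": [], "unused_attributes": {}, "narrowed_src": {}}
    for name, rule in rules.items():
        h = hits[name]
        if not h["ports"]:  # no log entry matched this rule in the window
            report["unused_rules"].append(name)
            continue
        unused = {"src": [r for r in rule["src"] if r not in h["src"]],
                  "ports": [p for p in rule["ports"] if p not in h["ports"]]}
        if unused["src"] or unused["ports"]:
            report["unused_attributes"][name] = unused
        # Suggest replacing each wide range with the /24s actually observed.
        report["narrowed_src"][name] = {r: sorted(s) for r, s in h["src"].items()}
    return report

def example_report():
    """Run the analysis with a 6-week window ending 2021-09-29 (constructed date)."""
    return analyze(RULES, LOGS, datetime(2021, 9, 29, tzinfo=timezone.utc))
```

A rule whose logging is disabled produces no entries and would wrongly appear unused here, which is why the text above insists on enabling firewall logging for every rule you intend to optimize.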

For more information on the Firewall Insights product, please refer to our public documentation.

By Tracy Jiang, Product Manager
Source Google Cloud Blog