Anatomy of a secure, remote workplace part 1: Firewall Monitoring - a thread

#security #remotework #firewall

Our company needed to adapt our #security measures for remote work in response to the lockdown that led to everyone working from home.

Our requirement was a Firewall Monitor that will act as a single point of access for all incoming/outgoing network activities.

1/n

We required a single point of access to monitor the following incoming and outgoing activities reported on our #firewall -

- Monitoring for connectivity issues
- Time-based analysis
- Security threats
- Network consumption
- Overall network health

2/n

Our source of information was a #firewall log that contained unstructured data in the form of text files.

These text files (or logs) contain all our network activities, with nearly 6 million entries recorded each day!

3/n

The solution:

After exploring ETL + #dataviz tools, we implemented custom extract & load (ETL) pipelines to process unstructured firewall logs, and deployed it to an #AWS ecosystem with @Metabase as a data viz tool for the front-end.

4/n

#DataViz options we explored.

5/n

Solution architecture of our Firewall Monitor:

6/n

We used tools and services like @ThePSF @awscloud @MongoDB @metabase to build a Firewall Monitor and help us create a more secure and resourceful workplace.

7/n

Results and highlights of our process
Infrastructure cost as low as $25/month
Role-based access control
#Report sharing
Data points for business decisions
Near real-time #monitoring

Read full blog here:
https://www.netsolutions.com/insights/firewall-monitoring-using-metabase-secure-remote-workplace-series/

We will keep updating this thread.

8/n