HIPAA Firewalls

Hi,

Concerning the HIPAA regulation, which firewall is best suited to do the job?  SonicWall or FireBox or Cisco or ...?

Thanks!
Leo_Nel
Asked:
 
vtsinc Commented:
So long as they are listed as IPSEC-compliant (I think all the above are) you shouldn't have a HIPAA problem.  They all have strengths and weaknesses but meet HIPAA requirements in basic form.  If you have specific needs for the firewall (ease of administration, logging capabilities, etc) you should probably post those for a more specific answer.

HTH - Mike
 
lrmoore Commented:
Agree with Mike.
HIPAA regs are so loose that it basically boils down to whatever you have determined to be the most appropriate for "your" application needs.
Do you have all the required user policies? Which firewall will help the most in enforcing those policies? Depends on your policies. Some firewalls do URL filtering, some don't and some offload to a 3rd party. Some firewalls do inline AV checking, some don't. Some do spam filtering, some don't.

No firewall is ever going to be effective without user (firewall admin) experience|training|knowledge, policies to enforce, some method of auditing the enforcement of said policies, and fits best into the overall security posture and experience base of your net admins.

Good article on choosing the best firewall for you:
http://www.sans.org/rr/whitepapers/firewalls/951.php

 
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer, IT Consultant, Network Engineer, Windows Network Administrator, VMware Administrator Commented:
What HIPAA wants is Reasonable Security measures.  As lrmoore said, they are so loose......... etc.  So, you need to take reasonable security measures to protect patient data and confidentiality.  We had a HIPAA expert at the end of last year go over all this when we were looking at Cisco solutions.

So, what is reasonable?  If you have a high dollar firewall in place, but don't know how to configure it and it is wide open, then I'd say it was not a reasonable security measure.  If you have a lesser firewall, but you have it configured well, then it is reasonable security measures.

All 3 firewalls are great products.  Whatever is your preference should be fine.  Recently I replaced all my Symantec Enterprise and Cisco equipment with Watchguard Fireboxes.  I use an X1000 at our City Hall and the X Edge models at the remote sites.  I have worked on SonicWall and Checkpoint too.  For me, the Watchguard delivered the best bang for the buck and rates just as good as the others.  Each though will have an edge somewhere.  Anyway I chose it because it also gives application layer filtering and the setup is so easy to use and configure.
 
Leo_Nel (Author) Commented:
How about Juniper?  A friend of mine who is an IT security expert said that it is the best firewall out there today.  Is this true?  I've heard that Firebox is a good one.
 
Leo_Nel (Author) Commented:
This one is just to increase the point value.
 
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer, IT Consultant, Network Engineer, Windows Network Administrator, VMware Administrator Commented:
I've worked on Symantec, Cisco, SonicWall, Checkpoint and Watchguard as well as some ISA.  I have seen their products and they look like they have features that are comparable, but don't have the name recognition of the other major players.
 
lrmoore Commented:
Juniper bought Netscreen. Our corporate guys use a netscreen and are looking to replace it with anything but a netscreen. I'm not sure why. It's been pretty darn reliable. If you look at the performance statistics on their marketing material, it will outperform just about anything out there.
Again "the best" is the one that you can understand and configure properly to meet your specific requirements.
 
Leo_Nel (Author) Commented:
Thanks a lot guys for your help!
 
vtsinc Commented:
lrmoore - IMHO the Netscreen is a very solid box, but the configuration can be a pain in the ass until you get VERY accustomed to the interface, so that may be why the corp guys are ditching it.  The ScreenOS was definitely not designed to be intuitive, and they use their own terminology for a lot of configuration choices that don't necessarily translate well if your background is in the PIX world.  It does have some excellent capabilities, but like I said, not very intuitive and certainly not something you want to configure in a hurry if you're not quite accustomed to the interface.

I say this after honing my skills first with Checkpoint products as a CCSA/CCSE (which I'd recommend in almost every case if they weren't so expensive).  Around that time I became fairly proficient with the PIX.  For small businesses I almost exclusively use Sonicwalls, and with the enhanced OS (vs. the standard) you can do almost anything with the Sonicwall that you'd do with the above-mentioned units.  The Sonicwall is almost idiot-proof in that it automatically places more specific rules above less specific ones although obviously anyone can really mess up a firewall if they aren't 100% detail-oriented.

Can't say that I've used the Firebox except for once a few years ago and it crashed nightly, so I've never looked into them again.

This is all opinion on my part, so for what it is worth maybe this explains why the Netscreen is being looked at in a negative light by your guys....