CIO made dangerous mistake, demanded it go into production
Briefly

A network engineer with CCNA and CCNE certifications managed a global company's security and VPN infrastructure as part of a small team. The engineer used a three-stage change process (review the rules, test them in an isolated environment, then deploy to production) and added an extra step when a new CIO demanded to review changes. The engineer identified a dangerous rule that would isolate the firewall from the internet and confirmed the finding with a colleague. The CIO ordered the flawed rules implemented and documented the decision, causing firewalls across Europe to go dark and prompting disaster recovery activation.
"I had just passed my CCNA and CCNE certifications when I received a request to make a major update to the firewall rulebase," FireBug told Who, Me?
"A new CIO had arrived at the company," FireBug recalled. "He was a nice guy, but more tactical than strategic, with a very hands-on approach and keen interest in everything related to security."
"Things went exactly as expected - the firewalls in the offices around Europe all received the update on schedule and went dark, resulting in immediate declaration of a major incident," Firebug wrote.
Read at The Register