Firewall to Staff Ratio

Can anyone provide guidance to how one might calculate how much staff is necessary to support a Checkpoint firewall pair?

I know that this ratio may be impacted by several factors (i.e, the size of the user base or the number of supported applications), but a ballpark figure and the basis for the ratio is appreciated. Alternatively, if one can direct me to a tool for calculating this metric, I would be grateful.


Reply to
Texas Fireant
Loading thread data ...

There is no good answer. We have CP firewalls installed that get checked monthly for operation and we have ones that are monitored daily for operation (meaning what is passing in/out).

Once it's installed and working, if you get reports, and if you don't need to change rules, it doesn't need anyone.

Reply to

Depending on the size of your company it might make sense to get a partner for serious system stuff, (set up, upgrades, licensing...)and therefore avoid training costs of your staff. Checkpoint is very powerfull and very complex. But once it is up and running and your network is fairly static, a network engineer can learn how to add rules and read logs.

We have customers with several clusters around the country, dozens of networks and almost any CP feature installed- they have two sec. engineers dedicated to CP - incl. 24/7 hotline. also depends if IT is your core business or not.

hth M

Reply to

You need 1 admin. You probably will need additional admins if you want to guarantee particular response times or uptimes or have more than one location. These requirements/factors will determine how many admins you'll actually need. The number of users or applications is immatierial.


Reply to
Ansgar -59cobalt- Wiechers

Thanks to all for your input...TX FireAnt.

Reply to
Texas Fireant

In a vacuum - for just 2 firewalls - you would need one person to run them.

In the real world - the number varies wildly. Don't think of firewalls as just a pair of boxes in a rack somewhere. With firewalls comes a much larger responsibility to create security policy, create processes surrounding changes to the firewalls, response to 'events', how to handle breaches, etc.

Your question is loaded at best ;)

Reply to
AMR Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.