Solved

firewall policies

Posted on 2009-07-01
2
208 Views
Last Modified: 2013-11-05
Hi all, I am researching some best practice on managing your corporate firewall. Rather than anything technical, what procedures do your guys go through to securely manage the firewall?

i.e. if you want to change a firewall rule, who approves it, is this management or a secondary ttechnician?

if your it support is outsourced what responsibilities on firewall management is with them, and what to you still have an involvement with?

How often do you perform a configuration review of the firewall to identify vulnerabiltiies, do you do this yourselves or get an independant 3rd party?

How do you seperate up the firewall management security (auditors term it separation of duties), who is reposnsible for what in your setup?

If you are experienced managing the security of the firewall, have you got any tips for a newbie on how to manage it to best practice, based on things you have seen (or perhaps done) done wrong in this past? Any additional pointers or areas of research where I can develop my knowledge of all the things to consider better.
0
Comment
Question by:pma111
2 Comments
 
LVL 6

Accepted Solution

by:
vojans earned 125 total points
ID: 24752951
Define a paper which will clearly point out which port is needed to be open, and what is it (or - it will be) used for.
Ask for confirmation of superior in charge - superior of person who demands it. Signature
So, if somebody wants you to open port 6881, for torrent, and his superior signs it, it is not yours to question why is he asking for it - he/she got a permit.
On the other hand, it would be good to make a kind of policy what is allowed and what is not, at least without a written approwal, and that will solve most of doubts...
0
 
LVL 18

Assisted Solution

by:deimark
deimark earned 125 total points
ID: 24753007
I will answer inline:

Hi all, I am researching some best practice on managing your corporate firewall. Rather than anything technical, what procedures do your guys go through to securely manage the firewall?

i.e. if you want to change a firewall rule, who approves it, is this management or a secondary ttechnician?

>>>  Good practice to have a 2nd opinion/set of eyes on the rule


if your it support is outsourced what responsibilities on firewall management is with them, and what to you still have an involvement with?

>>>  If its outsourced, then all you should need to do is contact this provider and make teh necessary requests, ie from <host> to <host> service HTTP  - permit

>>>  As above, it worth making sure that the provider has a confirmed list of authorised contacts thatc an request these changes


How often do you perform a configuration review of the firewall to identify vulnerabiltiies, do you do this yourselves or get an independant 3rd party?

>>>  This "should" br done regularly, but rarely is de to time needed etc.  I would say every quarter, review the rulebase and clean out old addresses, rules etc..  If its done by 3rd party, then get them in every quarter

How do you seperate up the firewall management security (auditors term it separation of duties), who is reposnsible for what in your setup?

>>>  Most decent firewalls will allow creation of different roles within teh firewall, ie some roles can edit address objects, some roles can create rules, some roles can edit IDP settings etc.  This means that admins are only given access to what they need.

If you are experienced managing the security of the firewall, have you got any tips for a newbie on how to manage it to best practice, based on things you have seen (or perhaps done) done wrong in this past? Any additional pointers or areas of research where I can develop my knowledge of all the things to consider better.

>>>  Apart from generic advise on creating the rulebases, ie most used at top, most specific at top, general rules at bottom and ALWAYS use a clean up rule with logging, the stuf above is a decent start.

>>>    I would say that if you have any specific questions, post here as the topic is quite large its hard to generalise.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question