Solved

Firewall Rule Base Ordering Best Practice Guidelines

Posted on 2011-09-23
Last Modified: 2012-05-12
Where can I find a decent set of best practice guidelines to follow for ordering a firewall rulebase correctly?
Question by:Suncore
4 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 36591388
Over in the far corner on the left - second shelf.

Sequencing will be different dependent on products. For example, ISA2000 actions all denies then all allows; ISA2004 onwards actions top-down. Without a reference to some form of product, this is not really an answerable question.

0
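The two evaluation orders named in the comment above (all denies before all allows, versus top-down), as an added example that is not part of the thread. The rulebase and probe packets are constructed, and the evaluators are generic models of the two orders, not ISA Server code; it shows which packets change verdict when the same rule list is moved between the two models.

```python
from ipaddress import ip_address, ip_network

# Constructed rulebase: (action, source network, destination port; None = any port)
RULES = [
    ("allow", "10.0.0.0/8", 443),
    ("deny", "10.1.2.0/24", 443),   # shadowed by the rule above when read top-down
    ("allow", "0.0.0.0/0", 80),
    ("deny", "192.0.2.0/24", None),  # shadowed for port 80 when read top-down
]

# Constructed probe packets: (source address, destination port)
PROBES = [("10.1.2.5", 443), ("10.9.9.9", 443), ("192.0.2.7", 80), ("198.51.100.1", 22)]


def matches(rule, src, port):
    """True when the packet falls inside the rule's source network and port."""
    _, net, rule_port = rule
    return ip_address(src) in ip_network(net) and rule_port in (None, port)


def top_down(rules, src, port):
    """Top-down model: the first matching rule decides, so list order matters."""
    for rule in rules:
        if matches(rule, src, port):
            return rule[0]
    return "deny"  # assumption: implicit default deny when nothing matches


def denies_first(rules, src, port):
    """Denies-first model: every deny is checked before any allow."""
    denies = [r for r in rules if r[0] == "deny"]
    allows = [r for r in rules if r[0] == "allow"]
    return top_down(denies + allows, src, port)


def disagreements(rules, probes):
    """Probes whose verdict differs between the two models."""
    return [p for p in probes if top_down(rules, *p) != denies_first(rules, *p)]


if __name__ == "__main__":
    for src, port in PROBES:
        print(src, port, top_down(RULES, src, port), denies_first(RULES, src, port))
    print("verdict changes:", disagreements(RULES, PROBES))
```

Every probe returned by `disagreements` points at a deny rule that sits below a broader allow, which is the ordering to review before carrying a rule list from one evaluation model to the other.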
 
LVL 2

Accepted Solution

by:
Suncore earned 0 total points
ID: 36708516
This is the book I ended up using; it contains guidelines on writing firewall policies, including how to order a rulebase correctly.

Firewall Fundamentals
By: Wes Noonan; Ido Dubrawsky
Publisher: Cisco Press
Print ISBN-10: 1-58705-221-0
Print ISBN-13: 978-1-58705-221-7
Pages in Print Edition: 408
0
 
LVL 2

Author Closing Comment

by:Suncore
ID: 36898834
This was the solution I used.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 36711946
So it was a Cisco product you needed help with? Would it really have been that much effort to respond with that information when asked for it? No wonder no-one else even bothered responding to you.
0
