Firewall Best Practices

Hello Experts,

I was just wondering if anyone knew any best practices of firewall devices or could answer this question:  Should I be restricting outgoing traffic as well?  I only restrict things coming into the network and was wondering what the best practices are for implementing firewall hardware appliances.

Thanks in advance,

BJD
BJDalfol9Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

stu29Commented:
Best practices for outgoing traffic are usually defined by your internal policies.  That being said, it is normal to control and monitor outgoing traffic.  Think rootkits trying to communicate, rouge SMTP servers etc.

http://securityskeptic.typepad.com/the-security-skeptic/firewall-best-practices-egress-traffic-filtering.html
0
Blue Street TechLast KnightCommented:
Hi BJD,

In general, filtering outbound is an overkill unless you are mandated to by compliance (PCI-DSS, HIPPA, etc.) or internal policy (as @stu29 pointed out).

Keep in mind that depending on the architecture and size of your network it adds a fair amount of complexity and management especially initially during the shakeout period. Take into consideration that segmenting your network will make things easier if you do so. For example, the WLAN should be on it's own interface, subnet & zone and within the pool of your wireless devices I'd segment between laptops and mobile devices (tablets & smartphones) due to the different types of security risks and traffic that are unique to those form factors. So that way you have different WLAN VLANs for both sub-types of wireless traffic. But it's really your prerogative.

In theory filtering outbound is terrific, because it allows great control both in/out of the network and in the event of malware infections (depending on the type) inside the network, filtering outbound traffic can prohibit these infections from sending outbound for remote transmission, data leaching, remote control, etc. as typically they use not typically used ports to do so.

Let me know if you have any other questions!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Blue Street TechLast KnightCommented:
Any updates on this?
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

stu29Commented:
BJD,

Are you looking for anything more specific?
0
BJDalfol9Author Commented:
Thanks Guys! This is everything I needed/wanted to know. Just still new to the whole network security stuff and wanted to make sure I was doing right by my clients. Thanks for all your help and advice! :)

BJD
0
Blue Street TechLast KnightCommented:
My pleasure!  I'm glad I could help and thanks for the points.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.