Best practices in firewall management
0 likes•915 views
The document outlines best practices for firewall management, emphasizing the importance of a default deny-all policy and the specificity of rules regarding ports and IP addresses. It recommends limiting authority to change firewall settings, implementing a change request policy, and maintaining proper documentation, including descriptions and expiry dates for rules. Additionally, it suggests periodic reviews, central management, and complementing firewalls with other security products for enhanced protection.
Best practices in firewall management
- 1. Best Practices in Firewall Management - Sabu Thaliyath
- 2. Introduction to Firewall • In the front of perimeter-level defence • Works mostly on ports and IP addresses
- 3. Be Specific •Default policy must be Deny All •Be specific in firewall rules i.e • Open only the port you need open • Allow only the IPs that you need to give access to
- 4. Access Control • Keep the responsibility/authority to change firewall with only 1 or 2 admins
- 5. Have a change request policy • How the requests would be received ? • Approvals required
- 6. Add description • Every rule must have a description
- 7. Expiry date • Keep an expiry date for user requested rules • Remind the user when expiry date is nearing
- 8. Backup • Take periodic backups of your firewall
- 9. Periodic Review • Clean up expired rules • Remove redundant or duplicate rules
- 10. Manage from central location • Cloud based management would help
- 11. Compliment firewall • Compliment the firewall with other security products – Intrusion Prevention System, Endpoint Security
- 12. Thank You 12