Security Awareness (SA001-09): Protecting Computer Networks using Firewalls
Using firewalls is an essential part of protecting computers and networks. End users require personal firewalls to provide access control to their computers, PCs, PDAs or home servers. Similarly, SMEs require firewalls to protect their valued assets, such as information assets and network and system infrastructure assets.
Although firewalls can be relied upon to protect computer networks, it is important to understand that firewalls alone are not capable of protecting an enterprise (see Data Fusion in Security Evidence Analysis). There is a limit to what a firewall or suite of firewalls can protect. Even when a range of heterogeneous firewalls is deployed in an enterprise, chances are that they will not detect, prevent or mitigate all forms of attacks, vulnerabilities or threats.
To enhance security posture in an enterprise the following is recommended:
1) Investigate your options in time - Research available firewalls and what each firewall offers, read the manufacturer's product literature and determine the best choice for your environment.
2) Determine the best locations or points to install a firewall - Where a firewall is placed on the network contributes greatly to how much of the network it protects. A border where an organisation peers with other vendors, partners or an ISP is a good starting point for a firewall. Departmental demarcations may be another, and a host-based firewall may be required in front of a critical asset.
3) Always check firewall logs to determine and audit its events. This is absolutely important. If you are not going to check the logs, there is no need to install a firewall.
4) If you're going to use multiple firewalls of different types, it is advisable to test each one alone in the same environment before integrating all the firewalls into the network. The reason for this is to confirm the specific capabilities of each firewall before you put them in the network.
5) Always update firewall operating systems and patches. Go for tested and approved vendor OS versions and the latest patches. It is not recommended to run an untested firewall OS in a production environment, because you may cause havoc and be liable for breach of SLA.
6) Configure the firewall for least privilege.
7) [...]
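As an illustration of item 6, the following added example (not part of the original page) audits a ruleset for common least-privilege violations. The `Rule` type, the function names and the sample rulesets are hypothetical and vendor-neutral, and the check assumes IPv4 rules evaluated first-match-wins.

```python
import ipaddress
from typing import NamedTuple

ANY = "0.0.0.0/0"

class Rule(NamedTuple):      # hypothetical vendor-neutral rule, IPv4 only
    action: str              # "allow" or "deny"
    src: str                 # source CIDR
    dst: str                 # destination CIDR
    port: str                # "443", "1024-65535" or "any"

def port_range(port):
    if port == "any":
        return 0, 65535
    low, _, high = port.partition("-")
    return int(low), int(high or low)

def covers(outer, inner):
    """True if every packet matching `inner` also matches `outer`."""
    net = ipaddress.ip_network
    (o_lo, o_hi), (i_lo, i_hi) = port_range(outer.port), port_range(inner.port)
    return (net(inner.src).subnet_of(net(outer.src))
            and net(inner.dst).subnet_of(net(outer.dst))
            and o_lo <= i_lo and i_hi <= o_hi)

def audit(rules):
    """Return (rule_index, finding) pairs, assuming first-match-wins evaluation."""
    findings = []
    for i, r in enumerate(rules):
        if r.action == "allow" and r.src == ANY and r.dst == ANY:
            findings.append((i, "allow any-to-any"))
        if r.action == "allow" and r.port == "any":
            findings.append((i, "allow on all ports"))
        if any(covers(earlier, r) for earlier in rules[:i]):
            findings.append((i, "shadowed by earlier rule"))  # never matches
    catch_all = Rule("deny", ANY, ANY, "any")
    if not rules or rules[-1].action != "deny" or not covers(rules[-1], catch_all):
        findings.append((len(rules), "no final default-deny"))
    return findings

# Constructed sample rulesets (documentation and private ranges, not real hosts).
WEAK = [
    Rule("allow", ANY, "192.0.2.10/32", "443"),
    Rule("allow", "10.0.0.0/8", "10.1.0.0/16", "any"),
    Rule("allow", "10.0.5.0/24", "10.1.2.0/24", "22"),
    Rule("allow", ANY, ANY, "1024-65535"),
]
TIGHT = [WEAK[0], WEAK[2], Rule("deny", ANY, ANY, "any")]

if __name__ == "__main__":
    print(*(f"rule {i}: {f}" for i, f in audit(WEAK)), sep="\n")
```

`TIGHT` keeps only the two narrowly scoped allows and ends with an explicit deny-all, so the audit returns no findings for it.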

