Submitted by: Submitted by kjass001
Views: 225
Words: 479
Pages: 2
Category: Science and Technology
Date Submitted: 05/27/2013 10:37 AM
Imagine you have installed and configured firewalls in all of the right places within your organization’s network. Like any other organization, you try to stay current by deploying the latest and greatest in firewall technology. Similarly, the purpose of your firewall is to filter bad traffic, which your firewall has been doing. Occasionally, you add more rules to filter more traffic, but have no evidence of going back to visit historical log data. Explain in detail and give examples of the problems that result from this practice.
Although staying current and up-to-date with security practices is critical for governing an organization’s means to communicate both internally and externally to trusted hosts, it is also essential for organization’s to review and update their security policies routinely in order to facilitate proper means of communication in the first place as well as maintaining a secure network. In respect to configuring an organization’s firewall’s policy, it is often more advantageous for security administrators to configure a firewall with fewer but more strict rules rather than creating rules whenever required. Advantages to this practice include: an agile network that permits safe traffic while avoiding potential threats, avoiding the creation of loopholes within the firewall’s policies, as well as circumventing convoluted policies that overcomplicate administrators’ tasks of monitoring network traffic. This comes into play when reviewing logged data which is pertinent towards safeguarding the network from users who may have unintentionally compromised their workstations.
You have a firewall in your production environment and occasionally need to add rules mostly to open up ports, services, IPs, and so on, from ingress traffic from the Internet, but do nothing to egress traffic leaving your network. Determine the possible pitfalls of adding rules to egress traffic leaving the network. Describe in detail solutions to such pitfalls in the...