Desired Security Policy For Firewall Implementation

On June 25, 2010, in Firewalls, by Ganesh Dutt Sharma

In IT security, planning comes first when implementing a firewall. The basis of that planning is your organization's security policy. The firewall should be capable of protecting LAN resources from threats on the internet. In a recent article introducing firewalls, I discussed firewall basics. Now I’m going to discuss the desired security policy for implementing a firewall on your network.

What is Security Policy

A security policy is a set of rules for an organization that states what can and cannot be done on a computer or within the organization's network. It describes all the desirable user actions in detail. It also states the penalties a user may face when he or she violates any rule set up under the organization's security policy.

What Can Be Included In Security Policy

The security policy must include the following points:

  1. Rules for network connections
  2. Equipment usage rules
  3. Rules for employees

Policy For Network Connection

The security policy should include rules for installing and configuring the equipment used for network connections. These can include rules such as the following:

  1. How the operating system is installed, which of its features can be used, and which applications can be installed.
  2. Which antivirus solution will be used and how it is kept updated. The antivirus solution must be installed and kept up to date.
  3. The IP addresses and subnet masks that can be used. It should also specify whether to use static IP addresses or dynamic ones assigned through DHCP.
  4. There should be detailed guidelines and procedures for user creation, user rights and user deactivation.
  5. Whom to contact for permission to install new hardware and software. Normally, no hardware or software should be installed without the permission of the network or system administrators.

The list can go on and on, depending on the size of the network and the organization.

Equipment Usage Rules

The security policy should also include rules for the use of workplace equipment, e.g. desktop computers and laptops. This also covers which websites can be opened and which applications can be used.

  1. No applications should be installed without prior approval from the system and network admins. Only software approved and supplied by the organization should be installed, and only by designated persons.
  2. Applications should be installed in accordance with the licensing norms of the application vendors.
  3. Email should be used strictly for official purposes only, and even then within certain guidelines.
  4. No password sharing should be allowed.
  5. The equipment should be locked or logged out before leaving the workplace.
  6. The IT security department should be informed in case of any suspicious activity.
  7. Users should not be able to access data that is not related to them.

Rules For Employees

Regular, on-roll employees can be given somewhat higher privileges, but contract employees and service providers should be given stricter privileges to keep possible insecurities to a minimum.

Next we’ll talk about the firewall policies to be used at the time of implementation and the strategies we must follow.
