Firewall Security Policy

On June 26, 2010, in Firewalls, by Ganesh Dutt Sharma

Network security is governed by a set of rules that we covered under security policy. Firewall policy is a different thing: security policy resides at the conceptual level, while firewall policy resides at the technical implementation level and is a subset of the security policy. Here I am going to discuss firewall policy, which covers the theoretical implementation of the network security policy.

What is Firewall Security Policy

The firewall security policy is the actual technical implementation guideline for the rules laid out in the organization's security policy. When implementing a firewall, you create firewall rules that act in accordance with your security policy. Its main function is to allow or disallow types of traffic and connections as the security policy dictates.

If the firewall is of the packet filter type, the firewall policy decides which packets are allowed to pass through the firewall. If it is an application proxy or gateway type, the policy decides which services may be accessed through the firewall.

Firewall Policy Types

The firewall policy can be divided into two categories:

  1. Allow by default.
  2. Deny by default.

Allow By Default

An allow-by-default policy lets every type of packet and service pass through the firewall. The ones we don't want to permit are denied explicitly. This type of policy is insecure by default, because anything new and not covered by the rules will pass through the firewall. This kind of policy is normally used for research and development purposes.

Deny By Default

A deny-by-default policy blocks all packets and services from passing through the firewall. Anything we want to allow is allowed explicitly. This kind of policy is secure by nature, because forthcoming unseen threats are already denied by default. The usage of this type of policy is widely accepted and agreed upon. The only threats that remain uncovered under this type of policy are those that exploit the services or packets which are allowed to pass through the firewall.

Firewall policy rules are guided by the usage requirements of your organization. Below are a few common rules which you may want to implement in your firewalls:

  1. No telnet access is allowed through the firewall, because telnet is insecure by nature and passes data in clear text.
  2. By default, FTP connections to or from your network should be prohibited, unless there are special cases such as uploading error logs to vendor FTP sites.
  3. Only secure email access should be allowed through the firewall.
  4. No direct connection should be allowed for a service between an internal client and an outside service. If you have to, use a proxy server instead.

The list can be expanded as per your organization’s requirements.
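
The two policy types and the common rules above, as an added example that is not part of the original article: a small first-match rule evaluator that runs the same outbound TCP traffic against an allow-by-default and a deny-by-default rule set. The addresses, the proxy port and the choice of secure email ports (993, 995) are assumptions made for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    dport: Optional[int]      # destination TCP port; None matches any port
    dst: str = "0.0.0.0/0"    # destination network in CIDR form

    def matches(self, dst: str, dport: int) -> bool:
        return (self.dport in (None, dport)
                and ip_address(dst) in ip_network(self.dst))

def evaluate(rules, default, dst, dport):
    """First matching rule wins; unmatched traffic gets the default policy."""
    for rule in rules:
        if rule.matches(dst, dport):
            return rule.action
    return default

# Constructed sample addresses (documentation ranges), not from the article.
VENDOR_FTP = "203.0.113.10/32"   # vendor site that receives error logs
PROXY = "192.0.2.5/32"           # hypothetical proxy server

# Allow by default: list only what must be blocked.
ALLOW_BY_DEFAULT = [
    Rule("allow", 21, VENDOR_FTP),  # FTP special case: vendor log upload
    Rule("deny", 21),               # all other FTP
    Rule("deny", 23),               # telnet
    Rule("deny", 110),              # cleartext POP3
    Rule("deny", 143),              # cleartext IMAP
]

# Deny by default: list only what is permitted.
DENY_BY_DEFAULT = [
    Rule("allow", 21, VENDOR_FTP),  # FTP special case: vendor log upload
    Rule("allow", 993),             # IMAP over TLS (assumed "secure email")
    Rule("allow", 995),             # POP3 over TLS (assumed "secure email")
    Rule("allow", 3128, PROXY),     # outside services only via the proxy
]

def compare(dst, dport):
    """Return (allow-by-default verdict, deny-by-default verdict)."""
    return (evaluate(ALLOW_BY_DEFAULT, "allow", dst, dport),
            evaluate(DENY_BY_DEFAULT, "deny", dst, dport))

if __name__ == "__main__":
    for port in (23, 21, 993, 80, 6667):   # 6667: a service no rule mentions
        print(port, compare("198.51.100.7", port))
```

Both rule sets agree on telnet, FTP and secure email; they differ on direct web access (port 80) and on the unlisted service, which only the deny-by-default set blocks.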
