Strong network security requires effective firewall policies. Implementing these policies is a four-step process: creating policies, training personnel on these policies, implementation, and finally, monitoring the policies. In my previous article, “Get your IT staff involved when creating firewall policies,” I discussed the important role network administrators and desktop-support personnel play in firewall-policy development and training. This article will focus on steps three and four: implementation and monitoring.
While this article is geared toward the CIO or MIS Director, we wanted to include it on the Support Republic to illustrate the importance of including support staff in firewall-policy development and implementation. We also hope to get some feedback from support pros on their firewall-policy experiences. After reading this article, please let us know whether you had a hand in implementing or monitoring the firewall policies for your organization.
Implementing firewall policies
You must work closely with your network administrators and desktop-support personnel to ensure a smooth firewall-policy implementation. If your organization has the resources, create a test lab for your IT staff to experiment with the new policies and equipment. Hastily implemented firewalls often lack rigorous testing, which can lead to serious network performance and security problems.

If you merely place a firewall in your server rack, plug it in, and turn it on, you can’t be sure what will happen. You must consider how the firewall and its security policies will affect your current network configuration. You may need to reorganize your network for the firewall to work properly. Depending on your network configuration, your IT staff may need to consider the following questions:

  • Will you need to reassign Internet protocol (IP) addresses so that unprotected machines are isolated to a segment with no other computers?
  • Will you need to re-create your domain name system (DNS) to isolate name servers for internal or external use?
  • Will you need to alert any secondary service providers or the Internet Network Information Center (InterNIC) to changes in your domain?
  • Should you reorganize your simple mail transfer protocol (SMTP) records so that your e-mail continues to function?
  • Do you have UNIX users that require remote shell access?

Of course, each network is different, and yours may require more or less scrutiny. Nevertheless, you must cover all the bases to ensure your security policies work for you and not against you.
As a member of the IT support staff, did you have a say in your organization’s firewall policies? If so, what role did you play? Post a comment or send us a note and share your experiences.
Constant monitoring is critical
With your firewall equipment and policies in place, your network administrators and desktop-support personnel must constantly monitor these new security measures for effectiveness and reliability. Most firewalls generate logs that will reveal suspicious activity. Your IT staff should examine these logs on a daily basis. If security administrators detect abnormal activity, they must quickly adjust your firewall policies to neutralize the threat.

Make sure everyone’s on the same page
Security threats exist both inside and outside your network, and there are firewall policies that can combat each threat. However, you and your IT staff must be in agreement on your organization’s firewall policies and be determined to enforce, maintain, and adjust these policies as needed. Without adequate communication and cooperation between upper management and IT personnel, your firewall policies are doomed to failure.

You can learn more about firewalls and network security by visiting TechProGuild’s Tech Books section or by reading Building Internet Firewalls by Elizabeth D. Zwicky, Simon Cooper, and Deborah Russell (Editor) and Firewalls and Internet Security: Repelling the Wily Hacker by William R. Cheswick. Both of these books are available for purchase from Fatbrain. You can also download Generally Accepted Principles and Practices for Securing Information Technology Systems from the National Institute of Standards and Technology’s Computer Security Resource Center. You will need Adobe Acrobat Reader to view this document.
Now it’s your turn to grade us. What do you think of Matthew’s firewall-policy suggestions? Post a comment or write to Matthew Mercurio and let us know what you think.