Having recently been through a security audit...
you learn to expect that, for the auditors, that will never be a good enough
answer.
They always have to find something (that is how they are able to ask for an
extraordinary amount of money)... no matter how good, how clean, or how
tight your rule base is.

How many rules?
It all depends on outgoing traffic, incoming traffic, NAT, and encryption.
Can you group requirements for incoming or outgoing traffic?
Sometimes you have to have selected rules for individual users or servers.
One thing is certain...
always put the "most used rules" at the beginning of the rule base, since
Check Point reads rules sequentially.



-----Original Message-----
From: Security [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 11:42 AM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] How many rules should a firewall have?

This seems to be an opinion question.

Mine would be:
    you need a rule to hide the firewall.
    you need a rule to communicate with the firewall.
    you need a rule to log everything else.

Other than that, I do not see it as a need for the firewall.
For a firewall to allow traffic is not the need of the firewall but the need
of the network, so I believe it is three.

----- Original Message -----
From: "Albert Higgins" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 06, 2004 10:13 AM
Subject: [FW-1] How many rules should a firewall have?


> Hi,
>
> Our auditors want to know how many rules a firewall should have.
>
> I told them that 'it depends'. But they want me to answer the following
> question:
>
> How many rules should both the perimeter and internal firewalls of a
> global financial services organization have?
>
> I need to point them to a document or URL. Anyone have a reference I
> could use?
>
> Thanks!!!!
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [EMAIL PROTECTED]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [EMAIL PROTECTED]
> =================================================
>
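
An added illustration of the "most used rules first" advice at the top of the thread (not code from any poster or from Check Point): a first-match rule base can only be reordered by hit count if a busy rule never moves past an overlapping rule with a different action. The rule names, addresses, ports and hit counts are constructed sample data.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

Rule = namedtuple("Rule", "name src dst port action hits")

# Constructed sample rule base and hit counts (illustrative, not from the thread).
RULES = [
    Rule("mgmt",    "10.1.1.0/24", "192.0.2.1/32",  22,   "accept", 120),
    Rule("stealth", "0.0.0.0/0",   "192.0.2.1/32",  None, "drop",   40),
    Rule("dns",     "10.0.0.0/8",  "192.0.2.53/32", 53,   "accept", 9000),
    Rule("web",     "10.0.0.0/8",  "0.0.0.0/0",     80,   "accept", 50000),
    Rule("cleanup", "0.0.0.0/0",   "0.0.0.0/0",     None, "drop",   700),
]

def conflicts(a, b):
    """True if some packet matches both rules and their actions differ."""
    same_port = a.port is None or b.port is None or a.port == b.port
    return (a.action != b.action and same_port
            and ip_network(a.src).overlaps(ip_network(b.src))
            and ip_network(a.dst).overlaps(ip_network(b.dst)))

def reorder(rules):
    """Move busy rules up, but never past a rule they conflict with."""
    out = []
    for r in rules:
        pos = len(out)
        while pos and out[pos - 1].hits < r.hits and not conflicts(out[pos - 1], r):
            pos -= 1
        out.insert(pos, r)
    return out

def verdict(rules, src, dst, port):
    """First-match evaluation: the first rule that matches decides."""
    for r in rules:
        if (ip_address(src) in ip_network(r.src) and ip_address(dst) in ip_network(r.dst)
                and r.port in (None, port)):
            return r.action
    return "drop"

def avg_rules_checked(rules):
    """Mean number of rules compared per packet, weighted by recorded hits."""
    total = sum(r.hits for r in rules)
    return sum(i * r.hits for i, r in enumerate(rules, 1)) / total

if __name__ == "__main__":
    safe = reorder(RULES)
    naive = sorted(RULES, key=lambda r: -r.hits)
    probe = ("10.2.3.4", "192.0.2.1", 80)   # inside host to the firewall itself
    print([r.name for r in safe], round(avg_rules_checked(safe), 2))
    print("original:", verdict(RULES, *probe), "safe:", verdict(safe, *probe),
          "naive:", verdict(naive, *probe))
```

In this sample the busy web rule stays below the stealth rule, because sorting purely by hit count would let port 80 traffic reach the firewall itself. A rule moved past an overlapping rule with the same action keeps the verdict but changes which rule records the hit.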
