Information Security News mailing list archives
Building your firewall, Part 3
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Thu, 4 Nov 1999 10:37:03 -0700
http://www.sunworld.com/sunworldonline/swol-11-1999/swol-11-security.html Building your firewall, Part 3 Implementation: Setting up firewall rules Summary A careful implementation of the firewall architecture can save a tremendous amount of resources in maintenance. Carole runs through the basic rules. (3,500 words) By Carole Fennelly Last month's column described the operating system installation that lays the groundwork for firewall implementation. Implementing firewall software is not really that hard. Maintaining it is. If you can take a step back and look down the road at the possible traffic jams, you can make maintenance easier by spending a little extra time with the implementation. This column will attempt to offer some advice that could save you some maintenance headaches. Building your firewall: Read the whole series! Part 1. Are you letting your firewall vendor decide your architecture? Part 2. How to make sure your OS is ready to go Part 3. Implementation: Setting up firewall rules I always find that examples are the best way to explain a point. The problem with using examples when discussing firewalls is that there are many types to choose from. Trying to give examples of each would be tedious (assuming that I even could). To keep it simple, I'll try to stick to general issues and give examples from two of the most popular firewalls available: Checkpoint Firewall-1 (stateful inspection) and TIS Gauntlet (proxy). This is not to be construed as an endorsement of either -- I'm just more familiar with these. [snip...] ISN is sponsored by Security-Focus.COM
Current thread:
- Building your firewall, Part 3 mea culpa (Nov 04)