ipl-logo

Appendix B: Guidelines On Firewalls And Firewall Policy

656 Words3 Pages

Appendix B: Guidelines on Firewalls and Firewall Policy Firewalls help shape network architecture by splitting a network into smaller subnetworks for improved security. That being the case, AAE separates the PCI systems by creating individual VLANs/security zones and putting firewall security policies between them and the other networks. These criteria also apply to the 4500X switch...In a like manner, the core switch further develops the network topology by ??? The switch placement is also important because it helps define the network architecture and topology. In a like manner, it is positioned in-between the firewall and the production networks to segment them from each other, and it allows VLANs to be created as well as ACLs to be applied …show more content…

the Cisco ASA 5516-X Firewall and switch are configured per NIST SP 800-41: Guidelines on Firewalls and Firewall Policy. As has been mentioned in the paper, the firewall and core switch provide the following features: Packet filtering (policies); IPS filtering; DMZ and security zones; logging and alerting; VPN for remote access; and address translation. Subsequently, the firewall and switch configurations from the project are displayed and explained for the project. Diagram 3 is a representation of the AAE 5516-X ASA Firewall and core …show more content…

Therefore, AAE is using Cisco FirePOWER (SFR) IPS to prevent attacks of vulnerability exploits. The SFR module is setup to capture all traffic/packets passing through the firewall, to analyze them against a vulnerability database, and to send its results to a management appliance on the AAE network. Thus, AAE has a central management server it can use for application visibility and malware protection ??? The firewall also logs the messages to a Syslog server on the network. The SFR is established with the #???sfr_command configuration on the firewall. Next, per the PCI ???, the DMZ and security zones are ??? on the firewall. One of the advantages of DMZ is traffic to or from systems on the DMZ pass through the firewall where policies can be applied to the traffic. The following DMZ and security zones were created for the PCI networks: #DMZ configuration #security zone rules Note that the security zones can be used to control access subnetworks by utilizing the security zone

More about Appendix B: Guidelines On Firewalls And Firewall Policy

Open Document