Advanced firewall design

30 pts.
Tags:
Firewall configuration
Firewall management
Firewalls
Network security
Suggest some techniques regarding firewall design.
ASKED: July 22, 2010  2:52 PM
UPDATED: August 19, 2010  2:53 PM

Answer Wiki


What platform will be used for your advanced firewall? If Linux, read the Netfilter HOWTOs:

http://www.iptables.org/documentation/index.html

and some TLDP (The Linux Documentation Project) chapters:

http://www.tldp.org/HOWTO/HOWTO-INDEX/networking.html#NETSECURITY

Discuss This Question: 2  Replies

 
  • Aguacer0
    We would need more information about your environment to properly design. Firewall designs are on a case-by-case basis since every company works differently and needs its own specific set of requirements.
    8,135 points
  • RGunther
    Some helpful design techniques for firewalls would be:
    * Open ports for only the servers that need them. (Ex: opening ftp for a whole subnet when only one computer needs it open)
    * All management ports (22, 3389, 1433) should be closed and you connect to them through a VPN.
    * Put in place a system to review your firewall rules every so often to remove unused rules.
    * Look into firewalls that have IDS/IPS options that will block users when they see an attack (DDoS, port scan, IP scan).
    * Separate your servers into specific VLANs for usage (Ex: DB, Web servers, Fileshares) and only open the ports needed between the VLANs. This will help in case one of your servers does become compromised; they won't have full access to the rest of your servers.
    I am sure there are plenty of other techniques also; if you could narrow down the scope of your question we could give you more detailed answers.
    Ryan Gunther www.onlinetech.com
    650 points
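
An added example, not part of any post on this page: a small Python audit of a ruleset in `iptables-save -c` format that flags three of the issues listed in the reply above (a service opened to a whole subnet, management ports 22/3389/1433 reachable from outside the VPN, and rules with zero hits). The VPN pool 10.99.0.0/24, the finding labels and all sample rules are constructed for illustration.

```python
import ipaddress
import re
import shlex

MGMT_PORTS = {22, 3389, 1433}                    # management ports named in the reply
VPN_NET = ipaddress.ip_network("10.99.0.0/24")   # assumption: VPN client address pool

# Constructed sample in `iptables-save -c` format: "[packets:bytes] -A CHAIN ..."
SAMPLE = """\
[5121:402211] -A FORWARD -s 10.99.0.0/24 -d 10.0.20.5/32 -p tcp -m tcp --dport 22 -j ACCEPT
[88:5280] -A FORWARD -d 10.0.20.0/24 -p tcp -m tcp --dport 21 -j ACCEPT
[0:0] -A FORWARD -s 10.0.10.7/32 -d 10.0.30.9/32 -p tcp -m tcp --dport 1433 -j ACCEPT
[940:61200] -A FORWARD -s 10.0.10.0/24 -d 10.0.30.9/32 -p tcp -m tcp --dport 3306 -j ACCEPT
[12:720] -A FORWARD -d 10.0.20.5/32 -p tcp -m tcp --dport 3389 -j ACCEPT
"""

RULE = re.compile(r"^\[(\d+):\d+\] -A \S+ (.*)$")


def audit(ruleset):
    """Return (line_number, finding) pairs for ACCEPT rules worth reviewing.

    Assumes plain IPv4 -s/-d/--dport matches; negated matches ("!") are not
    interpreted, and port ranges or multiport rules are not checked
    against MGMT_PORTS.
    """
    findings = []
    for n, line in enumerate(ruleset.splitlines(), 1):
        m = RULE.match(line.strip())
        if not m:
            continue  # table headers, chain policies, COMMIT, comments
        toks = shlex.split(m.group(2))
        opt = {t: toks[i + 1] for i, t in enumerate(toks[:-1]) if t.startswith("-")}
        if opt.get("-j") != "ACCEPT":
            continue
        src = ipaddress.ip_network(opt.get("-s", "0.0.0.0/0"))
        dst = ipaddress.ip_network(opt.get("-d", "0.0.0.0/0"))
        dport = opt.get("--dport", "")
        if int(m.group(1)) == 0:
            findings.append((n, "unused"))  # no hits since counters were last reset
        if dst.num_addresses > 1:
            findings.append((n, "broad-destination"))  # opened for more than one host
        if dport.isdigit() and int(dport) in MGMT_PORTS and not src.subnet_of(VPN_NET):
            findings.append((n, "mgmt-port-outside-vpn"))
    return findings


if __name__ == "__main__":
    for n, finding in audit(SAMPLE):
        print(f"rule {n}: {finding}")
```

A zero packet counter only means no hits since the counters were last reset or the host rebooted, so "unused" findings are candidates for review rather than for automatic removal.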
