Security - Best Practices
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
799
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
SECURITY - BEST PRACTICES
"Security is not a product, it's a process". This is a very famous saying by
Bruce Schneier. Nothing in security is "set it and forget it!" Security cannot be
achieved with point products-it is an ongoing process that never ends. A firewall is
a very important part of security, but it is a small part. There are instances where
one has the best firewall product installed but poorly configured one. This is same
as not having one.
It becomes imperative, hence to know what are the best practices to follow when
configuring a firewall. The below said discussion gives a broad guideline to
configure a firewall which protects the network against the hackers as well as the
Denial-of -Service attacks. Below are some rules, procedures and restrictions you
may use to provide level of security in the network.
The following are some general procedures, which needs to be kept in mind.
(These are independent of Firewall configuration).
• Keeping network user accounts off the Internet service computers such as web
servers. FTP servers and firewall. Having separate administrative accounts with
different passwords for these devices.
• Regularly scan the system logs for failed logon attempts to network services and
failed connection attempts to web servers, FTP servers, etc.
• Regularly scan system user accounts for unauthorized addition or modification of
user accounts for network services
• Performing regular backups.
RULES FOR CONFIGURING PACKET FILTERS
A packet filter will not stop a concentrated network attack from exploiting service
protocol weaknesses, but it will stop the simplest Denial -of- service attacks.
These rules control the flow of several different kinds of packet through the
firewall. The point to be noted here is that rules are evaluated by firewall from first
to last.
The rules are:
• ICMP Rules
• IP Rules
• UDP Rules
• TCP Rules
To Next Page
Loading...
Need help?
General
