Download
This policy operates perimeter firewalls between the internet and its private internal network in order to create a secure operating environment for an organization’s computer and network resources. This policy helps distribute the flow of traffic and is easily overlooked. Firewalls establish a control point within the information system of the company.
Sound security policies must always be considered your first line of defense. The starting point of truly secure firewalls is to fully document in a comprehensive firewall policy what each of your firewalls should and should not do. This may sound simplistic, but some of the key tasks a firewall should perform are easily overlooked. Download this firewall policy template to help you develop, implement, and enforce a set of sound firewall rules.
Risks Addressed by Policy:
- Susceptible to external virus attacks.
- Low Security levels.
2 Comments
This seems to be more than a little dated, (any time 'gopher' as a protocol on a policy you know you are working with something very old). Beyond that, this doesn't seem to account for anythign beyond a basic firewall implementation (only an inside and outside zone are mentioned, not multiple DMZ's, VPN traffic is assumed to transit the same device).
Thank you for pointing out the age of this policy.
Our policy templates are mapped to both ISO27001 and NIST 800-53 standards in order to apply as broadly as possible to our client base. If there are additional firewall implementation considerations, the templates are highly customizable to reflect those add-ons. We are happy to review people’s policies if that is of interest - just contact your account manager.
We also hope to update these policies within the year and make them more relevant.
Thanks again.