These requirements are mandatory to ensure a secure firewall system.
Network Documentation
All network-related documentation must be updated and its content kept
current. Network-related documentation should be appropriately
identified with date, version number, and commentary as to what changes
have been made to the content. All such changes should be managed
via a formal change control mechanism. In order to ensure that the firewall
is securing the required section of the network, a detailed diagram of the
network may be required. This can be used to ensure that the firewall is
protecting what it should be protecting and will help in identifying any
weaknesses that may exist within the firewall setup.
Change Control
Management should document a formal change control policy for amending
the firewall’s configuration. This policy should describe the principles
and objectives on which the change control process should operate. Having
defined when changes should be performed, the objectives should describe
change requirements (that is, key standards). Change control is required
to ensure that administrators of the firewall are in fact performing the
task required of them. This is done to:
1. ensure changes made reflect the change in policy.
2. ensure the administrators do not perform changes without notification.
Non-conformance may result in loss of control over changes to network
devices, resulting in unauthorised access into a device and the potential
for an unauthorised person to alter security configuration parameters.
Personnel installing changes must be authorised to do so and held accountable
for the change. If the organisation does not identify the authorised
individuals who update the firewall, the risk of unauthorised changes to
configurations increases.
Firewall Documentation
Firewall documentation should exist, and as a minimum detail the firewall
policy and the rationale for the inclusion of each individual rule. Documentation
should also justify the exclusion of specific rules, where the absence
impacts on the security of the firewall and/or the corporate network. In
order to design a rule base it is important to have supporting documentation
outlining the policies required by the organisation. These should be kept
up to date to reflect the actual policies in place on the firewall(s).
Physical Security
Ensure that the Firewall and the network cabling related to it are physically
secured. Physical access to the firewall or the related network cabling
provides opportunities for an intruder to bypass the firewall itself.
Patches
Ensure that patches to the base operating system and to the firewall are
current. For a firewall to be successful it must operate on a secure operating
system. If the firewall is running on an inferior system, it is open
to attacks that the firewall itself would not otherwise allow. It should be
ensured that the system the firewall is run on is secure and that all patches
have been applied.
Backup Procedures
Ensure that backup procedures exist for the firewall configuration and
the log files. The firewall should be backed up to ensure quick recovery
from data loss. The log files should be archived separately to ensure a
permanent record of transactions. The archived log files should be removed
from the firewall as they will slowly consume all available space on the
system, potentially causing failures. There should be sufficient space
for the log files to reduce the risk that the partition will be deliberately
filled by an attacker.
Alert Procedure
If alerts are enabled then there should exist a documented procedure for
handling the alert.