Moving from SSAE 16 to SSAE 18 - Compliance is Never Enough Webinar Series

Firewall and Router Management

Best Practices for Firewall and Router Management

This webinar is not going to provide you with specific instructions on how to configure your individual devices. However, it will provide you with the individual attributes that you need to consider when developing your router and firewall security program. In this webinar, we will focus on discussing physical devices, running operating systems, and secure traffic rules.

If your goal is to fully develop your security system, you must accept that managing the security of a physical device goes much further than the device itself. Best practices include:

  • Assigned responsibility for the management of physical devices and periodic review of the configurations must be performed
  • Defined acceptable use policies and procedures for your assets, along with acceptable technologies and acceptable locations to place them in
  • In those locations, you must ensure that they are physically secured from unauthorized access; this means that cables connecting in to and out of the devices are secure, there is limited access to directly console into devices, and there is minimal out-of-bound access points to devices

When you’re considering how to securely run operating systems, there are a few logical steps:

  • Limit logical access to only those who require it
  • Maintain a detailed list of hardening standards
  • Configure logging
  • Change all defaults (especially passwords)
  • Ensure strong encryption
  • Keep your operating system updated
  • Establish remote access console timeout
  • Configure NTP
  • Establish log-on banner
  • Disable unused interfaces
  • Ensure that loaded images are authentic
  • Restrict ICMP from untrusted interfaces
  • Enable anti-spoofing rules

When maintaining secure traffic rules, there are a few best practices including:

  • Maintain a list of approved ports and services, which management should oversee
  • Limit inbound traffic from the Internet to the DMZ
  • Limit outbound traffic to only that which is needed
  • Deny all other traffic not required
  • Generally speaking “any ” rules should not be used; rules should be as prescriptive as necessary

Listen to the full webinar to learn more about firewall and router management, listen to the Q&A portion, and view more resources. Contact us today to learn more.