Version 1.0

Contents

1 Introduction
  1.1 Purpose
  1.2 Audience
  Related Documents
2 Document Information & History
3 Definition
  3.1 Objective
  3.2 Scope
4 Event
  4.1 Entry Criteria
  4.2 Exit Criteria
5 Inputs
6 Process Flow
7 Activities
8 Stakeholders
9 Outputs
10 Verification and Validation
11 Measurements
12 Technique and Tools
  12.1 Mandatory Techniques and Tools
  12.2 Optional Techniques and Tools
13 Applicable Tailoring Criteria
14 Frequency of Review
Appendix 1 – Firewall Guidelines
Appendix 2 – Firewall Testing
PT. Great Eastern Life Indonesia
Firewall Management Process Internal
______________________________________________________________________________________________________
1 Introduction

1.1 Purpose
The purpose of this document is to define the procedures, roles and responsibilities of firewall management.

1.2 Audience
The intended audience for this document is any personnel involved in the management of firewalls for Great Eastern Life Indonesia (GELI).
The following describes the use of the document by the different stakeholders:
1. Requestor (Users)
Raises the required firewall modification request and provides complete supporting information for the request.
2. Head of Department
Endorses the firewall modification requests and is responsible for the use of the access given.

Related Documents
Title of Document
GELI Information Security Policy
GELI Information Security Standards & Guidelines
GELI Information Classification & Handling Guidelines
GELI Acceptable Use Policy
IT Security Standards
GELI RFC Handling Procedure for IT Infrastructure
3 Definition

3.1 Objective
Only firewall management processes are covered. There will be no discussion of firewall technical review or of technical designs to automate the processes.

3.2 Scope
The scope of the procedure is limited to firewall management processes. There will be no discussion of firewall technical review or of technical designs to automate the processes.
The firewalls covered are all firewalls, i.e. internal and external firewalls.
The periodic firewall rules review done by the Review Committee (jointly the Head of IT SD and the Head of IT SEC) is summarized as follows.
Critical firewalls, reviewed twice a year:
- First-Tier Internet facing firewall
- First-Tier Semi-Trusted Firewalls
- Firewalls and router rule sets related to PCI in-scope applications
Other firewalls, besides the above list, will be reviewed once a year.
The IT SEC team will review firewall security logs when there is a computer security incident which requires investigation of the relevant firewall security logs.
4 Event

4.1 Entry Criteria
A documented request (typically a User Request Form (URF), a Service Desk Plus (SDP) ticket, or a Request For Change (RFC)) is raised for a firewall modification or a periodic firewall rules review.

4.2 Exit Criteria
This section describes the conditions under which the firewall modification process or the firewall review is deemed complete.
5 Inputs
This section describes the inputs required for the request-for-change handling process.
Table 1
S/N  Description
5.1  Request URF using the e-Helpdesk system
6 Process Flow
The process flow for firewall rules modification (add/edit/delete) is illustrated below:
7 Activities
The activities in the table below are for the firewall modification process.

Activity / Steps, Description, Timeline/Schedule

STEP 1: Create ticket for modification
- User fills up the Firewall Request Form with detailed information.
- User attaches the Firewall Request Form to the eHelpdesk URF.
- The URF will be assigned to IT SEC.
Timeline/Schedule: Ticket submission (approved) cutoff is on Friday for the next cycle review.

STEP 2: Review Ticket
- IT SEC reviews the ticket.
- IT SEC makes sure the information in the Firewall Request Form is complete.
- IT SEC decides on the approval of the ticket:
  o If approved, the ticket is assigned to IT SD to start the RFC process.
  o If rejected, the ticket is closed and the user is asked to re-create it, provided sufficient information/justification is given.
Timeline/Schedule: Review will be done on Monday for all tickets submitted the week before.

STEP 3: Start RFC Process for IT Infra
- IT SD fills up the RFC form.
- The RFC for IT Infra is started.
Timeline/Schedule: Process starts on Tuesday if the ticket passed the review.

The activities in the table below are for the firewall rules review process.
8 Stakeholders
Stakeholders in the table below are for the firewall modification process.
Stakeholder columns: User, IT Production Support, IT Service Delivery, IT Security
Activities:
- Create ticket for modification: R,A; C

Stakeholders in the table below are for the firewall rules review process.
Stakeholder columns: User, IT Production Support, IT Service Delivery, IT Security
Activities:
- Retrieve existing firewall rules: I; R,A
- Recommend resolutions from findings: C; R,A

Note on RACI:
A is the person Accountable to see that the activity gets done, correctly;
9 Outputs
This section describes the outputs from the request-for-change handling process.
S/N  Description
9.1  Closing URF.
11 Measurements
Measurement Table
Related Policies
Title of Document
GELI Information Security Policy
GELI Information Security Standards & Guidelines
GELI Information Classification & Handling Guidelines
GELI Acceptable Use Policy
IT Security Standards
GELI RFC Handling Procedure for IT Infrastructure
Nil.
Nil.
14 Frequency of Review
This Procedure shall be reviewed annually, and any amendments shall be approved by the Board of Directors.
Approval Page

Reviewed by:
Lambertus Setiawan, Head of …
Firman Ariyadi, Head of IT Service Delivery

Approved by:
Clement Lien Cheong Kiat, President Director
Nina Ong, Director
Fauzi, Director
Appendix 1 – Firewall Guidelines

Firewalls Covered
- Firewalls between DR and PROD
- Cross-Border firewalls
- Internal firewalls
- Firewalls to International Offices
- Firewalls used by Wireless LAN

Not Covered
- Third party firewalls
- Internet facing firewalls (DMZ 3-tier firewalls)

3 Identified Standard Ports
Standard ports identified are:

B. AS400 System
These ports are used by AS400 clients to access AS400 servers.
Ports 8473 and 8474 (marked *) are required only when Data Centre Operations and Technology Infrastructure need to manage printers and print reports.

Application                                         Non SSL Port Number   SSL Port Number
Telnet                                              N.A                   992/TCP
Server mapper                                       449/TCP               449/TCP
Central server                                      8470/TCP              9470/TCP
Database server                                     8471/TCP              9471/TCP
Data queues                                         8472/TCP              9472/TCP
File server                                         8473*/TCP             9473/TCP
Printer server                                      8474*/TCP             9474/TCP
Remote command                                      8475/TCP              9475/TCP
Sign-on (user profile & password authentication)    8476/TCP              9476/TCP
HTTP Administration                                 N.A                   2010/TCP
Management Central                                  N.A                   5566/TCP
DDM                                                 N.A                   448/TCP
C. LAN/WLAN Service

Symantec Anti-Virus: ports 22, 2967, 2638, 1433, 8443, 8444, 9090, 8014, 443, 8445, 8446
LANDesk: TCP 445, 4343, 5007, 9535, 9593, 9594, 9595, 9971, 9972, 9982, 12174, 12175, 12176, 16992, 16993, 16994, 33354; UDP 67, 68, 69, 1758, 1759, 4011, 9535, 9595, 33354, 33355, 38293

Application                   TCP          UDP
Kerberos Auth*                88           88
RPC End-point-mapper*         135          N.A
NetBIOS Name Service*         N.A          137
NetBIOS Datagram*             N.A          138
NetBIOS Session*              139          N.A
LDAP*^                        389          389
LDAP over SSL*                636          N.A
Global DC LDAP*^              3268         N.A
Global DC LDAP over SSL*      3269         N.A
Microsoft DS*                 445          N.A
Limited RPC ports*            1024-5000    1024-5000
ExchangeSA Interface          10010        N.A
ExchangeIS Interface          10020        N.A
NSPI Proxy                    10030        N.A
ExchangeSRS Interface         10040        N.A
WINS Resolution*              1512         1512
HTTP PROXY                    8808         N.A
HTTPS PROXY                   8808         N.A
ACS authentication            N.A          1645

Note: * - Ports should be configured one way only, from clients to the ACS server.
* Bi-Directional

J. Other Applications

Services / Description    TCP          UDP
Control-M                 7011, 7010   N.A
MQ                        1411–1419    N.A
Connect Direct            1361–1369    N.A
5 Cross-Border Firewall
- With IPS for cross-border access, all HIGH ports (1024 and above) will be open between ID, SG and MY and the rest of the cross-border branches within the same environment (PROD, Neutral, SIT, UAT and DEV). LOW ports will be controlled, on top of the pre-approved low ports configured in the cross-border firewall between the same environments.
- Pre-approved low ports and high ports (1024 and above) will be open for all cross-border branches between the two segments (PROD and ES LAN) that are segregated by a firewall.
- Applications that need to use low ports other than the ports indicated below will still need endorsement from IT SEC, as per the workflow in Figure 1 of this procedure.
- For temporary cross-environment requests, the IP protocol will be opened.

Environments: Prod-Prod, Prod-UAT, Prod-DR, UAT-DR, Dev-SIT, Dev-Dev
Default access:
- By default, all HIGH ports (1024 & above) are opened.
- By default, the following LOW ports are opened: 22 (ssh), 25 (smtp), 42 (name), 49 (tacacs), 53 (domain), 80 (www), 81 (hosts-2ns), 82 (xfer), 83 (mit-ml-dev), 84 (ctf), 86 (mfcobol), 88 (kerberos), 102 (iso-tsap), 123 (ntp), 135 (epmap), 136 (profile), 137 (netbios-ns), 138 (netbios-dgm), 139 (netbios-ssn), 161 (snmp), 162 (snmptrap), 179 (bgp), 389 (ldap)*, 443 (https), 445 (microsoft-ds), 464 (Authentication, Trust – New for Windows AD 2012), 446 (ddm-rdb), 447 (ddm-dfm), 448 (ddm-ssl), 449 (as-servermap), 450 (tserver), 514/udp (syslog), 515 (lpd), 593 (http-rpc-epmap), 636 (ldaps), 671 (vacdsm-app), 691 (msexch-routing), 797 (unassigned), 798 (unassigned), 1023 (reserved), ICMP
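The cross-border defaults above (HIGH ports open, a fixed list of pre-approved LOW ports, everything else needing IT SEC endorsement) are the kind of rule a reviewer applies to every incoming URF. The following is an added example, not code from the GELI document, that encodes those defaults so a request can be triaged before it enters the Figure 1 workflow. It assumes the environment pairs in the table are unordered (Prod-UAT covers both directions), treats 514 as pre-approved for UDP only because the table lists it as "514/udp", and does not model the temporary cross-environment exception; the RuleRequest, evaluate and triage names and the sample requests are constructed for illustration.

```python
"""Added example: triage a requested cross-border rule against the
documented defaults (HIGH ports open, pre-approved LOW ports open,
anything else needs IT SEC endorsement). Not part of the GELI document."""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

# Environment pairs from the cross-border table. Treated as unordered
# sets (assumption: Prod-UAT covers traffic initiated from either side).
DEFAULT_PAIRS: FrozenSet[FrozenSet[str]] = frozenset({
    frozenset({"PROD"}),          # Prod-Prod
    frozenset({"PROD", "UAT"}),
    frozenset({"PROD", "DR"}),
    frozenset({"UAT", "DR"}),
    frozenset({"DEV", "SIT"}),
    frozenset({"DEV"}),           # Dev-Dev
})

# Pre-approved LOW ports copied from the table (TCP or UDP unless noted).
PRE_APPROVED_LOW_PORTS = {
    22, 25, 42, 49, 53, 80, 81, 82, 83, 84, 86, 88, 102, 123, 135, 136, 137,
    138, 139, 161, 162, 179, 389, 443, 445, 464, 446, 447, 448, 449, 450,
    515, 593, 636, 671, 691, 797, 798, 1023,
}
PRE_APPROVED_UDP_ONLY = {514}   # listed as "514/udp (syslog)"
HIGH_PORT_START = 1024          # "HIGH ports (1024 & above)"

OPEN = "OPEN_BY_DEFAULT"
ENDORSE = "NEEDS_IT_SEC_ENDORSEMENT"
UNLISTED = "ENV_PAIR_NOT_IN_DEFAULT_TABLE"


@dataclass(frozen=True)
class RuleRequest:
    """One line of a firewall request (constructed type for this example)."""
    src_env: str
    dst_env: str
    protocol: str               # "tcp", "udp" or "icmp"
    port: Optional[int] = None  # None for icmp


def evaluate(req: RuleRequest) -> str:
    """Classify one requested rule against the documented defaults."""
    pair = frozenset({req.src_env.upper(), req.dst_env.upper()})
    if pair not in DEFAULT_PAIRS:
        # No default stated for this pair: it has to go through the workflow.
        return UNLISTED
    proto = req.protocol.lower()
    if proto == "icmp":
        return OPEN  # ICMP appears in the default-open list
    if proto not in ("tcp", "udp"):
        raise ValueError(f"unsupported protocol: {req.protocol}")
    if req.port is None or not 0 <= req.port <= 65535:
        raise ValueError(f"invalid port: {req.port}")
    if req.port >= HIGH_PORT_START:
        return OPEN  # all HIGH ports are open by default
    if req.port in PRE_APPROVED_LOW_PORTS:
        return OPEN
    if proto == "udp" and req.port in PRE_APPROVED_UDP_ONLY:
        return OPEN
    # A LOW port outside the pre-approved list: IT SEC endorsement required.
    return ENDORSE


def triage(requests: List[RuleRequest]) -> List[str]:
    """One verdict line per request, in input order, for the reviewer's notes."""
    lines = []
    for r in requests:
        target = "icmp" if r.protocol.lower() == "icmp" else f"{r.protocol.lower()}/{r.port}"
        lines.append(f"{r.src_env}->{r.dst_env} {target}: {evaluate(r)}")
    return lines


if __name__ == "__main__":
    # Constructed sample requests, not taken from any real ticket.
    sample = [
        RuleRequest("PROD", "UAT", "tcp", 8080),
        RuleRequest("PROD", "DR", "tcp", 22),
        RuleRequest("UAT", "DR", "tcp", 21),
        RuleRequest("DEV", "SIT", "udp", 514),
        RuleRequest("PROD", "PROD", "icmp"),
        RuleRequest("PROD", "SIT", "tcp", 443),
    ]
    print("\n".join(triage(sample)))
```

The pre-approved list is kept as a plain set so it can be diffed against the firewall's running configuration during the periodic rules review described in section 3.2; any LOW port found open that is not in the set, and not backed by an endorsed URF, is a review finding.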
Appendix 2 – Firewall Testing

Test 1: …
S/N 1 – Scenario: Primary Firewall Down. Description: Initiate an FTP session from one zone to the opposite zone; the secondary firewall shall take over from the primary firewall and maintain the state of the FTP session. Expected Result: The FTP session is still established.
S/N 2 – Scenario: Primary Firewall Physical Link is down. Description: Same as above. Expected Result: Same as above.
S/N 3 – Scenario: Firewall Heartbeat Link is down. Description: Same as above. Expected Result: Same as above.
S/N 4 – Scenario: Primary FW connected switch is down. Description: Same as above. Expected Result: Same as above.
S/N 5 – Scenario: Primary FW connected switch is not forwarding. Description: Same as above. Expected Result: Same as above.

Test 2: The Primary Firewall is recovered and the secondary FW does not fail over to the secondary automatically
S/N 1 – Scenario: Secondary Firewall Down. Description: Initiate an FTP session from one zone to the opposite zone; the primary firewall shall take over from the secondary firewall and maintain the state of the FTP session. Expected Result: The FTP session is still established.
S/N 2 – Scenario: Secondary Firewall Physical Link is down. Description: Same as above. Expected Result: Same as above.
S/N 3 – Scenario: Firewall Heartbeat Link is down. Description: Same as above. Expected Result: Same as above.
S/N 4 – Scenario: Secondary FW connected switch is down. Description: Same as above. Expected Result: Same as above.
S/N 5 – Scenario: Secondary FW connected switch is not forwarding. Description: Same as above. Expected Result: Same as above.

Please note that all SSL connections shall be re-established, and the FTP option disabled, after testing.