
Internal

Firewall Management Process

PT. Great Eastern Life Indonesia

Version 1.0

Division : Information Technology


PT. Great Eastern Life Indonesia
Firewall Management Process Internal
______________________________________________________________________________________________________

Contents

1 Document Information & History
2 Introduction
  2.1 Purpose
  2.2 Audience
  2.3 Related Documents
3 Definition
  3.1 Objective
  3.2 Scope
4 Event
  4.1 Entry Criteria
  4.2 Exit Criteria
5 Inputs
6 Process Flow
7 Activities
8 Stakeholders
9 Outputs
10 Verification and Validation
11 Measurements
12 Related Policies
13 Technique and Tools
  13.1 Mandatory Techniques and Tools
  13.2 Optional Techniques and Tools
14 Applicable Tailoring Criteria
15 Frequency of Review
Appendix 1 – Firewall Guidelines
Appendix 2 – Firewall Testing


1. Document Information & History

Document Owner: Head of Information Technology
Approved by & Date: Board of Directors ("BOD"), xx 30 November August 201828 September 2018
Reviewed by & Date: Board of Directors ("BOD"), 28 September 20180 August 2018
Document Version: 1.0
Date of Last Revision: -dd MM 2017
Effective Date: 28 September 20180 November August 2018

Revision history:
Date                                      Version   Change Reference
28 September 20180 November August 2018   01.10     New

2 Introduction
2.1 Purpose

The purpose of this document is to define the procedures, roles and responsibilities of firewall
management.

2.2 Audience

The intended audience for this document is any personnel involved in the management
of firewalls for Great Eastern Life Indonesia (GELI).
The following describes the use of the document by the different stakeholders:

1. Requestor (Users)
Raise the required firewall modification and give complete supporting information for the
request.

2. Head of Department
Endorse the modification requests for the firewall and take responsibility for the use of the
access given.

3. Information Technology Service Delivery (IT SD)
Change the firewall based on the request and test the system.

4. Information Technology Production Support (IT PS)
Provide input during the firewall review.

5. Information Technology Security (IT SEC)
Approve the submitted request so that it aligns with GELI security and governance.
Also review and give recommendations in the firewall review process.

6. Cross Entity Support
Execute the request for external systems.

2.3 Related Documents

Title of Document
GELI Information Security Policy
GELI Information Security Standards & Guidelines
GELI Information Classification & Handling Guidelines
GELI Acceptable Use Policy
IT Security Standards
GELI RFC Handling Procedure for IT Infrastructure


3 Definition
3.1 Objective

The objectives of this procedure are:


1. Firewall logs review
2. Firewall rules management
a. Addition of rules
b. Modification of rules
c. Deletion of rules
d. Periodic rules review
3. Firewall rules guidelines


3.2 Scope

The scope of this procedure is limited to firewall management processes. There will
be no discussion of firewall technical review or of technical designs to automate the processes.

All firewalls are covered, i.e. both internal and external firewalls.

The periodic firewall rules review done by the Review Committee (jointly the Head of IT SD and the Head of
IT SEC) is summarized as follows.
Critical firewalls that will be reviewed twice a year:
- First-Tier Internet facing firewall
- First-Tier Semi-Trusted Firewalls
- Firewalls and router rule sets related to PCI in-scope applications
Other firewalls, besides the above list, will be reviewed once a year.
The IT SEC team will review firewall security logs when there is a computer security
incident which requires investigation of the relevant firewall security logs.


4 Event
4.1 Entry Criteria

A User Request Form (URF) is created.

A documented request (typically a User Request Form (URF), Service Desk Plus (SDP) ticket or
Request For Change (RFC)) is raised for a firewall modification request or a periodic firewall
review request.

4.2 Exit Criteria

The User Request Form (URF) is closed.

This section describes the conditions under which the firewall modification process or firewall review is
deemed complete.

- Request for Change stored in the target environment.
- Request for Change request form is approved by the HOD (Head of Division).
- Acceptance Signoff Form is signed by the users, the users' manager and each HOD.


5 Inputs
This section describes the inputs required for the request for change handling process.
Table 1
S/N   Description
5.1   Request a URF using the e-Helpdesk system.
5.2   Attach the RFC form inside the e-Helpdesk URF. If the request relates to firewall access, please attach this form.


6 Process Flow
The process flow for firewall rules modification (add/edit/delete) is illustrated below:


The process flow for firewall rules review is illustrated below:


7 Activities
The activities in the table below are for the firewall modification process.

Steps / Activity Description / Timeline (Schedule)

STEP 1 : Create ticket for modification
- User fills up the Firewall Request Form with detailed information.
- User attaches the Firewall Request Form to the eHelpdesk URF.
- The URF will be assigned to IT SEC.
Timeline: Ticket submission (approved) cutoff is on Friday for the next cycle review.

STEP 2 : Review Ticket
- IT SEC reviews the ticket.
- IT SEC makes sure the information in the Firewall Request Form is complete.
- IT SEC decides on the approval of the ticket:
  o If approved, the ticket is assigned to IT SD to start the RFC process.
  o If rejected, the ticket is closed and the user is asked to re-create it with sufficient information/justification.
Timeline: Review will be done on Monday for all tickets submitted the week before.

STEP 3 : Start RFC Process for IT Infra
- IT SD fills up the RFC form.
- RFC for IT Infra started.
Timeline: Process started on Tuesday if the ticket passed the review.

The activities in the table below are for the firewall rules review process.

Steps / Activity Description / Timeline (Schedule)

STEP 1 : Retrieve Firewall Rules
- IT SEC retrieves the firewall rules that will be reviewed.
Timeline: Twice a year for T1 firewalls and once a year for the rest.

STEP 2 : Review Rules
- IT SEC reviews the retrieved firewall rules.
Timeline: All findings must be closed within 3 months after the findings are found.

STEP 3 : Recommend Resolutions from Findings
- IT SEC recommends resolutions for the findings.

STEP 4a : Assess Resolutions
- IT SEC takes input from IT SD for infrastructure-related findings and from IT PS for application-related findings.

STEP 4b : Provide Input in Assessment of Resolutions
- IT PS and IT SD provide input on the resolutions of the findings.

STEP 5a : Raise ITRA
- IT SD will raise an IT RA on the related findings.

STEP 5b : Create Ticket
- IT SEC will create a ticket with the completed Firewall Request Form.

STEP 6 : Start RFC Process for IT Infra
- IT SD fills up the RFC form.
- RFC for IT Infra started.
Timeline: Process started on Tuesday if the ticket passed the review.


8 Stakeholders
The stakeholders in the table below are for the firewall modification process
(IT PS = IT Production Support, IT SD = IT Service Delivery, IT SEC = IT Security).

Activities                            User   IT PS   IT SD   IT SEC
Create ticket for modification        R,A                    C
Review ticket                         I              C       R,A
Start RFC for IT Infra Process        I              R,A     C

The stakeholders in the table below are for the firewall rules review process.

Activities                            User   IT PS   IT SD   IT SEC
Retrieve existing firewall rules                     I       R,A
Review firewall rules                                I       R,A
Recommend Resolutions from Findings                  C       R,A
Assess Resolutions                           C       C       R,A
Raise ITRA                                   I       R,A     C
Create ticket for modification                       C       R,A
Start RFC for IT Infra Process                       R,A     C

Note on RACI:

R is the person Responsible to do the activity;

A is the person Accountable to see that the activity gets done, correctly;

C is the person Consulted before the activity is completed;

I is the person to be Informed once the activity is completed.


9 Outputs
This section describes the outputs from the request for change handling process.

S/N   Description
9.1   Closing of the URF.
9.2   Request For Change applied to the system according to the requirement.


10 Verification and Validation

Verification and Validation (VV) Table

VV Method: Peer Review
Activity: Analyze the form
Artifact: Firewall Request Form, Existing Firewall Rules
Responsible By: IT SEC

Activity: Analyze the change issue
Artifact: RFC/CRF
Responsible By: IT PS, IT SD, IT SEC

Note: Examples for VV Method could be Review, Code Walkthrough, Testing, Sign-off etc.


11 Measurements
Measurement Table

Measure   Metrics   Formula
None      None      None


12 Related Policies
Title of Document
GELI Information Security Policy
GELI Information Security Standards & Guidelines
GELI Information Classification & Handling Guidelines
GELI Acceptable Use Policy
IT Security Standards
GELI RFC Handling Procedure for IT Infrastructure


13 Technique and Tools

13.1 Mandatory Techniques and Tools

Nil.

13.2 Optional Techniques and Tools

Nil.


14 Applicable Tailoring Criteria

Not Applicable


15 Frequency of Review
This procedure shall be reviewed annually, and any amendments shall be approved by the Board of Directors.


Approval Page

Prepared and Submitted by:

Lambertus Setiawan
WLambertus Setiawan
WFirman Ariyadi
Head of Head of IT Service
Delivery

Reviewed by:

Willianto Lambertus Setiawan WHenki


LubisHenki Lubis
Head of IT Security and Head of IT Solutioning and
Governance System DeliveryHead of IT
Service DeliverySolutioning
and System Delivery

Reviewed by:

Henki LubisEric Surya


TanudjajaDjoni Tany
Head of IT

Reviewed by:

Ramona EI Napitupulu Reinhard Saut MT Siahaan


Head of Risk Management Head of Compliance

Approved by:

______________________
Clement Lien Cheong Kiat ______________________ ______________________
President Director Clement Lien Cheong Kiat Nina Ong
President Director Fauzi
Nina Ong Director
Director

______________________
______________________ Fauzi


Yungki Aldrin Director


Director


Appendix 1 – Firewall Guidelines

1 Methodology

- Source IP and Destination will be grouped by zone (e.g. Production or Development).
- A standard list of ports used by domain authentication, email services and web surfing
  will be endorsed and opened within the same zone.
- Special ports used by network management tools and desktop service applications will
  be defined and opened from the management server to the dedicated zone.

2 Scope

Firewalls covered:
- Firewalls between DR and PROD
- Cross-Border firewalls
- Internal firewalls
- Firewalls to International Offices
- Firewalls used by Wireless LAN
Not covered:
- Third party firewalls
- Internet facing firewalls (DMZ 3 tier firewalls)

3 Identified Standard Ports
Standard ports identified are:

Application    Port Number
DNS Query      53/UDP
MS Windows     137/UDP, 138/UDP, 139/TCP
Web Browser    80/TCP, 443/TCP, 8080/TCP

4 Non-Standard Ports Requested

A. Network Monitoring and Maintenance (Owner – IT Network Team)
These ports are used by network management tools.
Application       Port Number
SNMP              161/TCP and UDP
SNMP TRAP         162/TCP and UDP
Syslog Services   514/UDP
NTP               123/UDP
SSH               22/TCP

B. AS400 System


These ports are used for AS400 clients to access AS400 servers.
Ports 8473 and 8474 are required only when Data Centre Operations and Technology
Infrastructure need to manage printers and print the reports.

Application                                        Non-SSL Port Number   SSL Port Number
Telnet                                             N.A                   992/TCP
Server mapper                                      449/TCP               449/TCP
Central server                                     8470/TCP              9470/TCP
Database server                                    8471/TCP              9471/TCP
Data queues                                        8472/TCP              9472/TCP
File server                                        8473/TCP *            9473/TCP
Printer server                                     8474/TCP *            9474/TCP
Remote command                                     8475/TCP              9475/TCP
Sign-on (user profile & password authentication)   8476/TCP              9476/TCP
HTTP Administration                                N.A                   2010/TCP
Management Central                                 N.A                   5566/TCP
DDM                                                N.A                   448/TCP

C. LAN/WLAN Service
Application                    TCP                                        UDP
Symantec Anti-Virus            22, 2967, 2638, 1433, 8443, 8444, 9090,
                               8014, 443, 8445, 8446
LANDesk                        445, 4343, 5007, 9535, 9593, 9594, 9595,
                               9971, 9972, 9982, 12174, 12175, 12176,
                               16992, 16993, 16994, 33354
UDP ports listed for the two rows above (Symantec Anti-Virus and LANDesk):
                                                                          67, 68, 69, 1758, 1759, 4011, 9535,
                                                                          9595, 33354, 33355, 38293
Kerberos Auth*                 88                                         88
RPC End-point-mapper*          135                                        N.A
NetBIOS Name Service*          N.A                                        137
NetBIOS Datagram*              N.A                                        138
NetBIOS Session*               139                                        N.A
LDAP*^                         389                                        389
LDAP over SSL*                 636                                        N.A
Global DC LDAP*^               3268                                       N.A
Global DC LDAP over SSL*       3269                                       N.A
Microsoft DS*                  445                                        N.A
Limited RPC ports*             1024-5000                                  1024-5000
ExchangeSA Interface           10010                                      N.A
ExchangeIS Interface           10020                                      N.A
NSPI Proxy                     10030                                      N.A
ExchangeSRS Interface          10040                                      N.A
WINS Resolution*               1512                                       1512
HTTP PROXY                     8808                                       N.A
HTTPS PROXY                    8808                                       N.A
ACS authentication             N.A                                        1645


Note: * - Ports should be configured one way only from Clients to ACS server.

^ - Subject to management approval

D. Ports for joining Domain Controllers

Services Description                                                 TCP           UDP
Kerberos Authentication                                              88            88
RPC End-Point-Mapper                                                 135           N.A
NetBIOS Name Service                                                 N.A           137
NetBIOS Datagram                                                     N.A           138
NetBIOS Session                                                      139           N.A
LDAP*                                                                389           389
LDAP over SSL (LDAPS)                                                636           N.A
Global DC LDAP*                                                      3268          N.A
Global DC LDAP over SSL                                              3269          N.A
Microsoft DS                                                         445           445
Limited RPC Ports                                                    1024-5000     1024-5000
Exchange SA Interface                                                10010         N.A
Exchange IS Interface                                                10020         N.A
NSPI Proxy                                                           10030         N.A
Exchange SRS Interface                                               10040         N.A
WINS Resolution                                                      1512          1512
DNS                                                                  53            53
Network Time Protocol                                                123           123
Authentication, Trusts (New for Windows Server 2012)                 464           464
Group Policy (Windows 7, Windows Server 2008, Windows Server 2012)   49152-65535   49152-65535
Group Policy (Windows 7, Windows Server 2008, Windows Server 2012)   ICMP          ICMP
KMS Activation (New for Windows Server 2012)                         1688          N.A

* - Subject to management approval


E. Ports for joining SG Exchange Back-End System
Services Description       TCP      UDP
RPC End-Point-Mapper       135      N.A
Microsoft DS               445      N.A
Exchange SA Interface      10010    N.A
Exchange IS Interface      10020    N.A
NSPI Proxy                 10030    N.A
Exchange SRS Interface     10040    N.A
WINS Resolution            1512     1512

F. Ports for Network Management


Services
Description TCP UDP
TACACS 49 N.A
HTTPS for PacketShaper 443 N.A
HTTPS for Content Engine 8003 N.A
NTP (Network Time Protocol) N.A 123

G. Ports for IP Telephony

Services Description      TCP     UDP
Firmware download         N.A     69, 5105
IP Phone signaling        N.A     4100, 5000, 5100, 7300
RTP/RTCP Voice Media      N.A     5200-5391
SNMP Trap                 N.A     162
SIP Transfer              N.A     5060
SIP Proxy/SIP TLS         5061    N.A

H. Ports for Video Conference

Services Description                                                         TCP                 UDP
(Telnet) For diagnostics                                                     N.A                 N.A
Polycom API                                                                  24                  N.A
(HTTP) Pulling Polycom HDX system, Polycom VSX system, ViewStation, and      80                  N.A
VS4000™ information; (HTTP) Software upgrades and provisioning for
iPower™; Static – TCP HTTP interface (optional)
UDP Network Time Protocol (NTP)                                              123                 N.A
TCP/UDP SNMP                                                                 161-162             N.A
LDAP and ILS; Static – TCP/UDP ILS registration (LDAP)*                      389                 389
TCP HTTPS                                                                    443                 N.A
UDP Syslog                                                                   N.A                 514
Secure LDAP Communication (LDAPS)                                            636                 N.A
Dynamic TCP H245; Dynamic UDP – RTP (video data); Dynamic UDP – RTP          1024-65535          N.A
(audio data); Dynamic UDP – RTCP (control information)
TCP T.120                                                                    1503                N.A
TCP Gatekeeper discovery (must be bidirectional)                             1718                N.A
TCP Gatekeeper RAS                                                           1719                N.A
TCP H.323 call setup                                                         1720                N.A
TCP Audio call control                                                       1731                N.A
TCP (Proprietary – data traffic) – Global directory data                     3601                N.A
TCP/UDP People+content IP                                                    5001                N.A
TCP/UDP SIP Call setup                                                       5060                N.A
TCP Http server push                                                         8080                N.A
H.323 Firewall Traversal                                                     1720, 14085-15084   1719, 16386-25386

* - Subject to management approval


I. Enterprise Monitoring System
Services Description                                                                           TCP             UDP

Nimsoft Server/Application Monitoring
Subscribe/Alerting Request (Nimsoft Robot/Probes → Nimsoft Management Server)                  48000*-48030*   N.A
Monitoring Profile Configuration (Nimsoft Management Server → Nimsoft Robot/Probes)            48000*-48030*   N.A
MSSQL Database Monitoring (Nimsoft Management Server Oracle Client → Oracle Database Servers)  1440/1441       N.A
Oracle Database Monitoring (Nimsoft Management Server Oracle Client → Oracle Database Servers) 1521/1581       N.A

Spectrum Infrastructure Manager Server / Network Availability Monitoring
SNMP Polling (Spectrum IM → Network Devices)                                                   N.A             161
SNMP Traps (Network Devices/AS400 SAN/HMC Console → Spectrum IM)                               N.A             162
ICMP Ping (Spectrum IM → Servers/Network Devices)                                              ICMP            N.A

NetQos Server / Network Performance Monitoring
SNMP Polling (NetQos SuperAgent/NetVoyant Poller/Harvester → Network Devices)                  N.A             161
ICMP Ping (NetQos SuperAgent/NetVoyant Poller → Servers/Network Devices)                       ICMP            N.A
Netflow (Routers → NetQos NetVoyant Harvester)                                                 N.A             9995

WILY Application/Transaction Performance/Deep Dive Monitoring
Application Monitoring/Performance Analysis (WILY Agent → WILY Management Server)              5001            N.A
MQ Performance/Availability Analysis (WILY MQ Client Agent → MQ Queue Manager)                 1414            N.A

* Bi-Directional

J. Other Applications
Services Description                     TCP                                 UDP
Control-M                                7011, 7010                          N.A
MQ                                       1411–1419                           N.A
Connect Direct                           1361–1369                           N.A
Oracle                                   1521, 1581, 1510-1530, 1570-1590
SQL                                      1433, 1440-1450                     N.A
Symantec Control & Compliance Suite      N.A                                 N.A
Agent to Manager Communication           5600                                N.A
Manager to Agent Communication           5600, 5601                          N.A
Console to Manager                       1431                                N.A
SEP management server                    80, 8013, 443                       N.A
SEP GUP                                  2967                                N.A
PGP                                      443                                 N.A
Lotus Notes                              1352, 1533                          N.A

5 Cross-Border Firewall
- With IPS for cross-border access, all HIGH ports (1024 and above) will be open
  between ID, SG and MY and the rest of the cross-border branches within the same
  environment on PROD, Neutral, SIT, UAT and DEV. LOW ports will be controlled
  on top of the pre-approved low ports configured in the cross-border firewall between
  the same environments as well.
- Pre-approved low ports and high ports (1024 and above) will be open for all cross-
  border branches between the two segments (PROD and ES LAN) that are being
  segregated by a firewall.
- Applications that need to use low ports other than the ports indicated below will still
  need endorsement from IT SEC as per the workflow in this procedure.
- For temporary cross-environment requests, the IP protocol will be open.

Environment Access: Prod-Prod, Prod-UAT, Prod-DR, UAT-DR, Dev-SIT, Dev-Dev

Access Control Policy:
By default, all HIGH ports (1024 & above) are opened.
By default, the following LOW ports are opened:
22 (ssh), 25 (smtp), 42 (name), 49 (tacacs), 53 (domain), 80 (www), 81 (hosts-2ns),
82 (xfer), 83 (mit-ml-dev), 84 (ctf), 86 (mfcobol), 88 (kerberos), 102 (iso-tsap),
123 (ntp), 135 (epmap), 136 (profile), 137 (netbios-ns), 138 (netbios-dgm),
139 (netbios-ssn), 161 (snmp), 162 (snmptrap), 179 (bgp), 389 (ldap)*, 443 (https),
445 (microsoft-ds), 464 (Authentication, Trust – New for Windows AD 2012),
446 (ddm-rdb), 447 (ddm-dfm), 448 (ddm-ssl), 449 (as-servermap), 450 (tserver),
514/udp (syslog), 515 (lpd), 593 (http-rpc-epmap), 636 (ldaps), 671 (vacdsm-app),
691 (msexch-routing), 797 (unassigned), 798 (unassigned), 1023 (reserved), ICMP

* - Subject to management approval

6 Addition of New Subnets and Services

A Network Request Form is required to be raised and submitted via the Change Management
System for all new subnets and services to be added to an existing Object-Group.

7 Endorsement
- To include other ports in the standard ports, the list has to be reviewed by IT SEC.
- IT SEC will perform verification of the ports as part of the Network Request process.
- The access control between different zones will remain unchanged by raising a
  Network Request via the Change Management System.

8 Compliance
Any port requested to be opened should comply with the IT Security Standards and Guidelines.

9 Exclusion
Firewalls that cannot be remotely managed are those in the DMZ zone.

10 Rules Tagging
The rules will be tagged with a reference number. For firewalls that are technically not able to
hold comments on the same line, separate tracking of the change reference number will
be performed by IT SD for the rules.
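The periodic rules review (Activities, review process) and the Appendix 1 rules on tagging (section 10) and cross-border LOW/HIGH ports (section 5) as a small checker, added here as an example; it is not part of the GELI document or of any firewall vendor's tooling. The rule export layout, the "URF-/RFC-nnnn" tag format and the "endorsed" flag are assumptions; the pre-approved LOW port list is copied from the Access Control Policy table above.

```python
"""Rule-set review checker for the Appendix 1 guidelines (example code; the
Rule/Finding layout, the URF-/RFC-nnnn tag format and the 'endorsed' flag
are assumptions made for this example). Checks: every rule carries a change
reference (section 10); HIGH ports (1024 and above) are open by default, LOW
ports must be pre-approved or endorsed by IT SEC, 389 (ldap) needs management
approval (section 5); findings get the 3-month closure deadline (Activities)."""
import re
from calendar import monthrange
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

# LOW ports opened by default, copied from the Access Control Policy table.
# 514 is listed as udp only and 389 (ldap) is "subject to management
# approval", so both are handled separately below.
PRE_APPROVED_LOW = {
    22, 25, 42, 49, 53, 80, 81, 82, 83, 84, 86, 88, 102, 123, 135, 136, 137,
    138, 139, 161, 162, 179, 443, 445, 464, 446, 447, 448, 449, 450, 515, 593,
    636, 671, 691, 797, 798, 1023,
}
SYSLOG_UDP = 514
MGMT_APPROVAL_PORTS = {389}
HIGH_PORT_FLOOR = 1024
TAG_RE = re.compile(r"\b(?:URF|RFC)-\d+\b")   # assumed change-reference format

@dataclass
class Rule:
    rule_id: str
    src: str
    dst: str
    proto: str                # "tcp", "udp" or "icmp"
    dport: Optional[int]      # None for icmp
    action: str               # "permit" or "deny"
    comment: str = ""         # should hold the change reference (section 10)
    endorsed: bool = False    # IT SEC endorsement / approval on file (assumed)

@dataclass
class Finding:
    rule_id: str
    issue: str
    found_on: date
    due: date                 # "closed within 3 months after the findings found"
    closed_on: Optional[date] = None

def add_months(d: date, months: int) -> date:
    """Calendar-month arithmetic, clamped to the last day of the target month."""
    idx = d.month - 1 + months
    year, month = d.year + idx // 12, idx % 12 + 1
    return date(year, month, min(d.day, monthrange(year, month)[1]))

def is_pre_approved(proto: str, port: int) -> bool:
    """True when a LOW port is on the default-open list for that protocol."""
    if port == SYSLOG_UDP:
        return proto == "udp"
    return port in PRE_APPROVED_LOW

def review_rules(rules: List[Rule], review_date: date) -> List[Finding]:
    """Run the tagging and LOW-port checks over a rule export."""
    findings: List[Finding] = []

    def add(rule: Rule, issue: str) -> None:
        findings.append(Finding(rule.rule_id, issue, review_date,
                                add_months(review_date, 3)))

    for r in rules:
        if not TAG_RE.search(r.comment):
            add(r, "no change reference tag on the rule")
        if r.action != "permit" or r.proto not in ("tcp", "udp") or r.dport is None:
            continue
        if r.dport >= HIGH_PORT_FLOOR or r.endorsed:
            continue          # HIGH ports open by default; endorsement covers LOW
        if r.dport in MGMT_APPROVAL_PORTS:
            add(r, f"{r.proto}/{r.dport} requires management approval")
        elif not is_pre_approved(r.proto, r.dport):
            add(r, f"LOW port {r.proto}/{r.dport} is neither pre-approved nor endorsed")
    return findings

def overdue(findings: List[Finding], today: date) -> List[Finding]:
    """Open findings whose 3-month closure deadline has passed."""
    return [f for f in findings if f.closed_on is None and today > f.due]

def next_review(critical: bool, last_review: date) -> date:
    """First-tier and PCI-related firewalls are reviewed twice a year, others once."""
    return add_months(last_review, 6 if critical else 12)

# Constructed sample export (not a real GELI rule set).
SAMPLE_RULES = [
    Rule("1", "ID-PROD", "SG-PROD", "tcp", 443, "permit", "URF-1001 https to SG"),
    Rule("2", "ID-PROD", "SG-PROD", "tcp", 8443, "permit", "URF-1002 app port"),
    Rule("3", "ID-PROD", "MY-PROD", "tcp", 389, "permit", "URF-1003 AD lookup"),
    Rule("4", "ID-PROD", "SG-PROD", "tcp", 21, "permit", "URF-1004 ftp"),
    Rule("5", "ID-PROD", "SG-PROD", "udp", 514, "permit", ""),
    Rule("6", "ID-PROD", "SG-PROD", "tcp", 514, "permit", "RFC-1006", endorsed=True),
]
```

Running `review_rules(SAMPLE_RULES, date(2018, 11, 30))` reports rules 3, 4 and 5 with a closure date of 28 February 2019.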


Appendix 2 – Firewall Testing

1 New Firewall Testing
All new firewalls are to be tested before their installation.

2 Firewall High Availability (Stateful test)
Objective: The stateful firewall shall maintain the state of all TCP connections.

Test 1: Primary Firewall Fail over

S/N   Scenario                                        Description                                          Expected Result
1     Primary Firewall Down                           Initiate an FTP session from one zone to the         The FTP session is
                                                      opposite zone. The secondary firewall shall take     still established.
                                                      over from the primary firewall and maintain the
                                                      state for the FTP session.
2     Primary Firewall Physical Link is down          Same as above                                        Same as above
3     Firewall Heartbeat Link is down                 Same as above                                        Same as above
4     Primary FW connected switch is down             Same as above                                        Same as above
5     Primary FW connected switch is not forwarding   Same as above                                        Same as above

Test 2: The Primary Firewall is recovered and the secondary FW does not fail over to the
secondary automatically

S/N   Scenario                                          Description                                          Expected Result
1     Secondary Firewall Down                           Initiate an FTP session from one zone to the         The FTP session is
                                                        opposite zone. The primary firewall shall take       still established.
                                                        over from the secondary firewall and maintain the
                                                        state for the FTP session.
2     Secondary Firewall Physical Link is down          Same as above                                        Same as above
3     Firewall Heartbeat Link is down                   Same as above                                        Same as above
4     Secondary FW connected switch is down             Same as above                                        Same as above
5     Secondary FW connected switch is not forwarding   Same as above                                        Same as above

Please note that all SSL connections shall be re-established, and the FTP option disabled after testing.
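A probe for the Test 1 and Test 2 scenarios above, added here as an example and not part of the GELI document: it holds one TCP session through the failover window, keeps it busy with small NOOP exchanges, and reports whether the session survived. The local echo server is a constructed stand-in for the far-zone FTP server (its close_after option imitates a standby firewall that has no state for the session), and the host and port values are placeholders.

```python
"""Stateful-failover session probe (example code for the Appendix 2 HA test).
hold_session() is pointed at a server in the opposite zone and run while the
failover scenario is triggered; start_echo_server() is a constructed local
peer used only to exercise the probe offline."""
import socket
import threading
import time
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

@dataclass
class SessionResult:
    survived: bool
    exchanges: int          # request/response pairs completed before the end
    error: Optional[str]    # why the session ended early, if it did

def hold_session(host: str, port: int, duration_s: float, interval_s: float,
                 payload: bytes = b"NOOP\r\n") -> SessionResult:
    """Hold one TCP session open for duration_s seconds, sending payload every
    interval_s seconds and expecting a reply each time (an FTP control channel
    answers NOOP with a '200' line). A failover that keeps state is invisible
    here; a failover that loses state shows up as a reset, a timeout or EOF."""
    sock = socket.create_connection((host, port), timeout=5)
    sock.settimeout(interval_s + 2)
    deadline = time.monotonic() + duration_s
    exchanges = 0
    try:
        while time.monotonic() < deadline:
            sock.sendall(payload)
            if not sock.recv(1024):
                return SessionResult(False, exchanges, "peer closed the session")
            exchanges += 1
            time.sleep(interval_s)
        return SessionResult(True, exchanges, None)
    except OSError as exc:      # covers ConnectionResetError and socket.timeout
        return SessionResult(False, exchanges, f"{type(exc).__name__}: {exc}")
    finally:
        sock.close()

def start_echo_server(close_after: Optional[int] = None) -> Tuple[int, Callable[[], None]]:
    """Constructed peer: echoes each message on 127.0.0.1 and, when close_after
    is set, drops the connection after that many exchanges without replying,
    which is what the client sees when firewall state is lost.
    Returns (port, stop_function)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    srv.settimeout(0.2)
    stop = threading.Event()

    def serve() -> None:
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except socket.timeout:
                continue
            with conn:
                conn.settimeout(1.0)
                answered = 0
                while not stop.is_set():
                    try:
                        data = conn.recv(1024)
                    except socket.timeout:
                        continue
                    if not data:
                        break
                    if close_after is not None and answered >= close_after:
                        break           # simulate lost state: drop the session
                    conn.sendall(data)
                    answered += 1
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1], stop.set

if __name__ == "__main__":
    port, stop = start_echo_server(close_after=3)
    print(hold_session("127.0.0.1", port, duration_s=5, interval_s=0.1))
    stop()
```

During the real test, point hold_session at the far-zone server with a duration longer than the failover window; a surviving session returns survived=True with a steadily growing exchange count.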
