Professional Documents
Culture Documents
Firewalling Basics: Josh Ballard Network Security Analyst
Firewalling Basics: Josh Ballard Network Security Analyst
Josh Ballard
Network Security
Analyst
Outline
Firewall Types
Default Deny vs. Default
Allow
Campus Offerings
The Importance of Scope
Campus Offerings
For approximately the past
year, we have been
developing and offering
firewall services.
Based on the Cisco
PIX/ASA/FWSM platform.
Campus Offerings
We are in the process of deploying
FWSM-based firewalls virtually in
front of all data center systems.
This allows for differing policy
levels for each group of systems in
the data center.
We can also deploy FWSM
technology to buildings or
departments as applicable and
requested.
Campus Offerings
With our licensing of Trend
Micro, we also have access to
host-based firewalls, as well as
the Windows firewall.
Both of these are controllable
by you as the admin with
appropriate knowledge of your
services and their scopes.
The Importance of
Scope
AKA: Why is firewalling
important?
Consider this example:
Windows Server 2003 System
Running IIS and Exchange
Running RDP for Adminstrative
Control
The Importance of
Scope (2)
Another example - multitiered
UNIX system running Apache
and other web software that
ties to a database backend.
UNIX system running Oracle
database software
Both systems running SSH
Why is scoping important in
this example?
The Importance of
Scoping (3)
So the questions to answer to
write a policy are:
What should we explicitly not
allow?
What services are running on the
systems in questions?
Who needs to access those
services?
What should happen to a packet
that isnt explicitly matched?
Conclusion
Firewalling is an important
piece of any security
infrastructure, both
network-based and hostbased.
It is by no means an endall be-all solution, but can
limit your exposure greatly.
Questions?