PDA

View Full Version : Firewall Policy



mhyasseen@gmail.com
03-31-08, 07:41 AM
Hi
I am an undergraduate student. I have a project related to the
firewall policy. Although I have got some material, I required some
more reference regarding the following topics. Any help would be
appreciated.
(1) What will be size of the firewall policy for an enterprise
network.
(2) What rules in general contain in the rule set i.e., accept. or
deny
(3) What are rules which are at the top of the rule set and which one
are the end of the rule set,
(4) and why the rules at the bottom of the ruleset have the lowest
priority than the rules at the top of the ruleset.

Yaseen

Ansgar -59cobalt- Wiechers
03-31-08, 10:02 AM
mhyasseen@gmail.com wrote:
> I am an undergraduate student. I have a project related to the
> firewall policy. Although I have got some material, I required some
> more reference regarding the following topics. Any help would be
> appreciated.
> (1) What will be size of the firewall policy for an enterprise
> network.

This question doesn't make any sense. What do you mean by "size of the
firewall policy"?

> (2) What rules in general contain in the rule set i.e., accept. or
> deny

Both.

> (3) What are rules which are at the top of the rule set and which one
> are the end of the rule set,

That entirely depends on your particular requirements. Firewalls don't
come as "one size fits all" solutions.

> (4) and why the rules at the bottom of the ruleset have the lowest
> priority than the rules at the top of the ruleset.

Because the rules on top match first (normally, that is).

Read a good book on firewalls (e.g. [1]), and make sure you have at
least a basic understanding of networking before you do.

[1] http://www.oreilly.com/catalog/fire2/

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Jens Hoffmann
03-31-08, 01:39 PM
> (1) What will be size of the firewall policy for an enterprise
> network.

Depends on the needs of the specific enterprise.
Can be between 1 or 2 rules to hundreds of rules and a couple of firewalls
with different rules each.

> (2) What rules in general contain in the rule set i.e., accept. or
> deny

A sensible decision would be to deny any communication which is not
explicitly allowed and wanted.

> (3) What are rules which are at the top of the rule set and which one
> are the end of the rule set,

You are implying a precedence in ordering the rules, which might not
be present in all firewalls.

> (4) and why the rules at the bottom of the ruleset have the lowest
> priority than the rules at the top of the ruleset.

Many firewalls only process the rules top to bottom until they
find a match and then stop processing.

Again, this might not be true for all firewalls.

I personally like: ISBN-13: 978-0201634662 as an introductional book.

Cheers,
Jens

Juergen Nieveler
03-31-08, 01:45 PM
Ansgar -59cobalt- Wiechers <usenet-2008@planetcobalt.net> wrote:

>> (3) What are rules which are at the top of the rule set and which one
>> are the end of the rule set,
>
> That entirely depends on your particular requirements. Firewalls don't
> come as "one size fits all" solutions.

Although usually, the lowest rule of the ruleset will be "Reject all".

Juergen Nieveler
--
Bud said, "Let there be lite" and there was Lite

Todd H.
03-31-08, 11:37 PM
mhyasseen@gmail.com writes:

> Hi
> I am an undergraduate student. I have a project related to the
> firewall policy. Although I have got some material, I required some
> more reference regarding the following topics. Any help would be
> appreciated.
> (1) What will be size of the firewall policy for an enterprise
> network.

The hard part of the answer will be answering this in a way that
doesn't suggest too strongly that your teacher is an idiot for asking
such an inane question.

It varies quite a bit. Not all firewalls deal with rules the same
way. Enterprises vary greatly in their fw complexity dependent upon
whether they're hosting their own internet services how many locations
they have, whether they're dealing with partner extranets, and sch.

> (2) What rules in general contain in the rule set i.e., accept. or
> deny

Fall through of deny any any is a best practice as a default. Aside
from that if there's a web server accepting traffic to tcp/80 and
tcp/443 on it is pretty common. Other than that, it varies by the
companies vpn solution if any, if they're exchaning data with
partners, if they have an ftp server, etc etc

> (3) What are rules which are at the top of the rule set and which one
> are the end of the rule set,
>
> (4) and why the rules at the bottom of the ruleset have the lowest
> priority than the rules at the top of the ruleset.

See 1.

--
Todd H.
http://www.toddh.net/

jc
04-01-08, 02:45 AM
Juergen Nieveler a écrit :
> Ansgar -59cobalt- Wiechers <usenet-2008@planetcobalt.net> wrote:
>
>
>>.....
>
>
> Although usually, the lowest rule of the ruleset

will be

Best HAVE TO BE
"Reject all".
>
> Juergen Nieveler