National Institute of Standards and Technology updates firewall guideline documents

The National Institute of Standards and Technology (NIST) updates its firewall guidelines to reflect changes due to networking threats graduating from the perimeter to the interior and up the networking stack making older firewall technologies and policies inadequate.

LINK TO NIST DOCUMENTATION

Updated recommendations for firewall implementation include:

  • Creating a firewall policy that specifies how firewalls should handle network traffic. Policies for handling inbound and outbound traffic should be based on the specific security requirements, based on risk analysis.
  • Identifying all requirements that should be considered when determining which firewall to implement. Organizations need to determine which network areas will be protected by firewalls and what technology is needed. Firewalls must be matched to existing network and security infrastructures.
  • Creating rule sets that implement the organization’s firewall policy while supporting firewall performance. Rule sets should be as specific as possible and be based on the types of traffic needed on a particular network.
  • Managing firewall architectures, policies, software and other components throughout the life of the firewall solutions. Policy rules need to be updated as the organization’s requirements change and when the network and the applications it supports change. Firewall software should be patched as updates are provided.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: