Firewalls: Jumpstart for Network and Systems Administrators

Appendix F: Network Interconnections A Major Point of Vulnerability

Conducting a thorough firewall network security audit has never been more critical. Almost every organization is connected to the Internet in some way, the number of network interconnections between organizations is growing, and the ranks of telecommuters are increasing. Of course, for an audit to be effective, you need to know where and how to look for the major point of vulnerability.

Before starting a firewall network security audit, you should create a project plan that describes what you are preparing to do and the purpose of each step. A full audit should be comprehensive and include the following items:

  • Desktop software vulnerabilities and policies

  • External and internal firewall network vulnerabilities (including partner relationships)

  • Host vulnerabilities (Windows, UNIX, Mac, etc.)

  • Internal firewall network vulnerabilities

  • Organizational procedures

  • Password procedures

  • Remote user procedures

As you can see from the preceding list, much more than technology needs to be addressed to complete a successful firewall network security audit. A good audit will involve management and will evaluate the policies (or lack thereof) that an organization has in place regarding installed software, passwords, and so on. A formal firewall network security audit consists of four phases:

  • Assessment During this phase, information is gathered and problems are identified and analyzed.

  • Critical fixes Problems that are extremely serious or that require only simple quick fixes are addressed during this phase.

  • Update other fixes During this phase, fixes with low to intermediate priority are addressed.

  • Continuing...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Network Security Platforms
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.