Filter and Firewall
Left running head:
Chapter name (automatic)
732
Beta
Beta
CLI Configuration Guide
Alcatel-Lucent
S
ECURITY
-
B
EST
P
RACTICES
"
Security is not a product, it's a process
". This is a very famous saying by
Bruce Schneier. Nothing in security is "set it and forget it!" Security cannot be
achieved with point products-it is an ongoing process that never ends. A firewall is
a very important part of security, but it is a small part. There are instances where
one has the best firewall product installed but poorly configured one. This is same
as not having one.
It becomes imperative, hence to know what are the best practices to follow when
configuring a firewall. The below said discussion gives a broad guideline to
configure a firewall which protects the network against the hackers as well as the
Denial-of -Service attacks. Below are some rules, procedures and restrictions you
may use to provide level of security in the network.
The following are some general procedures, which needs to be kept in mind.
(These are independent of Firewall configuration).
•
Keeping network user accounts off the Internet service computers such as web
servers. FTP servers and firewall. Having separate administrative accounts with
different passwords for these devices.
•
Regularly scan the system logs for failed logon attempts to network services and
failed connection attempts to web servers, FTP servers, etc.
•
Regularly scan system user accounts for unauthorized addition or modification of
user accounts for network services
•
Performing regular backups.
R
ULES
FOR
C
ONFIGURING
P
ACKET
F
ILTERS
A packet filter will not stop a concentrated network attack from exploiting service
protocol weaknesses, but it will stop the simplest Denial -of- service attacks.
These rules control the flow of several different kinds of packet through the
firewall. The point to be noted here is that rules are evaluated by firewall from first
to last.
The rules are:
•
ICMP Rules
•
IP Rules
•
UDP Rules
•
TCP Rules
Summary of Contents for OmniAccess 700
Page 38: ...Left running head Chapter name automatic 12 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 176: ...Left running head Chapter name automatic 150 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 260: ...Left running head Chapter name automatic 234 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 434: ...Left running head Chapter name automatic 408 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 464: ...Left running head Chapter name automatic 438 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 638: ...Left running head Chapter name automatic 612 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 940: ...Left running head Chapter name automatic 914 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 1002: ...Left running head Chapter name automatic 976 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 1120: ...Left running head Chapter name automatic 2 Beta Beta CLI Configuration Guide Alcatel Lucent ...