Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 92)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 92

ConfiguringtheN orton2_IDSFirewall:

Refertot he“ProductsPreparation”section forinformationonNortonPersonalFirewall2002.

Refertot he“ProductsPreparation”section forinformationonWindows2000hardening.

Norton2_IDSsitsbetweentheinternal coreswitch andtheInternal_Adminsegment.

SecurityPolicy:

Thepoliciestobeenforcedhereare:

1. NoconnectiontowardsInternal_Admincaneverbeinitiatedfromanyother

segment.

2. OutboundaccessrequestsmadebyInternal_Adminarenotrestrictedbythis

firewall.

3. Whentheadministratorsaccesstheinternet,JavaandActiveXcodesare

blocked.

4. Dropandlogeverythingelse.

DefiningtheZones:

n Inournetwork, Internal_Admin(192.168.19.0) canaccessanywhere. Therefore,

192.168.19.0mustbe Trusted.

n Norequeststowards Internal_AdmincaneverbemadefromInternal_Clients

(192.168.17.0), Internal_Dev(192.168.20.0),Critical_Resources(192.168.21.0),

Public_Services(192.168.8.0),RAS_Net(192.168.22.0)nor Core_Net

(192.168.16.0). Thesesubnetsshouldall beRestricted.

n WhetherornottrafficcanbeinitiatedfromInternal_Serversdependsonthe

serverapplicationsinuse.SinceInternal_Serversisprettysecureunderthe

protectionoftheVisNeticfirewall,andjustincasethatcertainmaintenance

traffichastooriginatefromtheserverstotheclients,wewillhave

Internal_Servers(192.168.18.0)configuredasTrusted.

1 2 ... 87 88 89 90 91 92 93 94 95 96 97 ... 208 209

Sem comentários

Eicon Networks S92 Manual do Utilizador Página 92