Dear geeks,
Again I came with some wonderful topic which enables us to understand the best practice of the firewalls. Here I am going to focus Checkpoint firewall. And also it is common for all firewalls except some points. Because the checkpoint architecture is little bit different from any other firewalls.
1. Always block the multicast packets if it is not necessary.
2. Enable stealth rule.(Which protects our management server from unwanted traffic and attacks from internal machines).
3. At the end of the rule base enable Clean-up rule. It protects our network from intruders ,whom tries to get into by using flaws in our port level.
4.Try to reduce the rule as much as you can.More number of rules will make you fuzzy about it.
5.While defining custom ports , clearly mention what that port going to be used. For example if you are going to define the port for SQL just mention as SQL_PORT.
6.Configuring auto-backup once in a week. It will help us during the time of DR.
7.Widely used rules should be placed at the top of the rule base.
8.And also multiple administrator environment try to create two profiles with one for monitoring and another one for configuring.
No comments:
Post a Comment