Firewall Best Practice 2

Posted by Henry Willcox at 9/3/2008 9:11 AM
Categories: Security
Firewall Best Practice – Simplified Methodology Here we are going to discuss some best practices to be followed while creating a rule base in checkpoint firewall. By following these best practices you can expect a better performance and easy management from checkpoint firewall. Let’s start by identifying some of the general best practices that should be followed for creating an powerful rulebase Best practices for good Rulebase 1. The firewall rulebase should be as simple as possible. The fewer rules you have, the more efficient and less error prone the rulebase will be. 2. Avoid using "Any" in the service field. 3. Use a network object instead of many workstation node objects. 4. Use groups to gather source, destination or services. 5. Anti spoofing should be configured for all the firewall interfaces. 6. Place the most commonly accessed rules on top of the rulebase. This will improve performance and make the firewall more efficient. Firewall-1 searches the rulebase in sequential order. The first rule matching a connection is applied, not the rule that matches best. This checkpoint best practices rules is surely going to result in better firewall performance. This rule is application to any firewall weather its Cisco ASA, PIX, checkpoint, Netscreen or any other firewall. Awesome Technologies Inc www.awesometechhome.com

 del.icio.us  Stumbleupon  Technorati  Digg 

 

What did you think of this article?




Trackbacks
Trackback specific URL for this entry
  • No trackbacks exist for this entry.
Comments
  • No comments exist for this entry.
Leave a comment

Submitted comments will be subject to moderation before being displayed.

 Enter the above security code (required)

 Name (required)

 Email (will not be published) (required)

 Website

Your comment is 0 characters limited to 3000 characters.