Ten Tips for building an enterprise-level firewall

Source: Internet
Author: User
Security research supports the fact that once a computer without security protection measures is connected to a broadband network, it will be attacked by hackers in less than 20 minutes. Imagine what would happen if you connected your enterprise network to the Internet without any security measures. Network attacks you cannot imagine would flood your open ports, infect your enterprise computers, and even steal your intellectual property.

In the face of this situation, many enterprises rely on network firewalls to monitor and protect the communication between the enterprise network and the Internet. Like a gatekeeper, the firewall decides what data is allowed in and out of the network, and under what conditions.

Purchasing a firewall is the first step toward protecting your network. However, it is equally important to ensure that the firewall configuration follows industry best practices: how you configure a firewall makes a significant difference to how well it performs. Learn the following ten tips provided by the IT expert network to tune your firewall and strengthen your security.

1. Harden your system

"Hardening" is a way to reduce the security vulnerabilities of your hardware. Before installing the firewall, you must close any unused ports on the host and disable any protocols or user accounts that you do not use. Ideally, the firewall should be a supplement to the security measures you have already built into the system.

Hardware firewall vendors often boast that their devices are "pre-hardened" products. However, if you have purchased a software solution, you must do the hardening yourself. Fortunately, there are many resources describing how to harden different machines, and your hardware vendor should also be able to help.

2. Keep it simple

Firewalls are used to enforce network security policies. Therefore, you need a clear set of organizational guidelines before preparing a rule set. Once you have a written security policy, you should try to keep the configuration as simple as possible while staying consistent with that policy. If you are working from an old security manual, pare the policy down to only what is actually needed. If you eliminate unnecessary and redundant rules, your firewall will be more efficient and easier to maintain.

3. Order rules for quick evaluation

Firewall traffic rules are evaluated in the order you set. Therefore, you should make sure the rules listed first are the cheapest to evaluate. If a packet matches an earlier rule, the firewall does not have to process the rules that follow.

Cheap rules match on source port, protocol, IP address, and schedule. Expensive rules that are hard to evaluate match on domain names, URL sets, content types, and users.

4. Deny, deny, deny

Because you only want approved traffic to pass through your network, you should deny all traffic by default and then allow only what is necessary. You can use global deny and global allow rules to do this. A global allow rule grants a specific kind of access to all users, while a global deny rule withholds a specific kind of access from many users.

For example, you can set a global allow rule for users of the DNS protocol and a global deny rule for users who try to use a P2P protocol.

These types of rules reduce the load on the firewall's rule processor and make it easier to enforce broad access policies.

5. Monitor outbound communication

We usually think of network security as protecting our systems from external threats such as viruses and worms. However, attacks can just as easily be launched from inside the network. This is one reason to set up the firewall to filter outbound traffic as well as inbound traffic. This filtering is also called egress filtering; it prevents unauthorized communications from leaving the company's computers and servers, and it stops internal computers from being used to launch botnet attacks on other servers.

An egress filter should block all outbound traffic by default and allow only certain types of traffic from specific servers, such as email, Web, and DNS traffic.
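Tips 3, 4 and 5 together describe an ordered, first-match rule set with an implicit default deny and an egress allowlist. The following small simulator is an added example (not from the article or any firewall product) that shows those mechanics: cheap header-only rules placed first, evaluation stopping at the first match, and a workstation that tries to send mail directly being caught by the default deny. The rule set, IP ranges and sample packets are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "allow" or "deny"
    direction: Optional[str] = None  # "in", "out", or None = either
    proto: Optional[str] = None      # "tcp", "udp", or None = any
    dst_port: Optional[int] = None
    src_net: Optional[str] = None    # CIDR, None = any source
    dst_net: Optional[str] = None    # CIDR, None = any destination

    def matches(self, pkt: dict) -> bool:
        # Every field that is set must match; unset fields are wildcards.
        if self.direction and pkt["direction"] != self.direction:
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.dst_port is not None and pkt["dst_port"] != self.dst_port:
            return False
        if self.src_net and ip_address(pkt["src"]) not in ip_network(self.src_net):
            return False
        if self.dst_net and ip_address(pkt["dst"]) not in ip_network(self.dst_net):
            return False
        return True

# Constructed policy: header-only rules, most frequently hit first; the
# default deny is implicit and applied in evaluate() when nothing matches.
POLICY = [
    Rule("allow-dns-out", "allow", "out", "udp", 53, src_net="10.0.0.0/8"),
    Rule("allow-https-out", "allow", "out", "tcp", 443, src_net="10.0.0.0/8"),
    Rule("allow-smtp-from-mailserver", "allow", "out", "tcp", 25, src_net="10.0.1.25/32"),
    Rule("deny-p2p-bittorrent", "deny", None, "tcp", 6881),
]

def evaluate(pkt: dict, policy=POLICY) -> Tuple[str, str, int]:
    """First-match evaluation: returns (action, rule name, rules examined)."""
    for n, rule in enumerate(policy, start=1):
        if rule.matches(pkt):
            return rule.action, rule.name, n
    return "deny", "default-deny", len(policy)

def pkt(direction: str, proto: str, src: str, dst: str, dst_port: int) -> dict:
    return {"direction": direction, "proto": proto, "src": src, "dst": dst, "dst_port": dst_port}

if __name__ == "__main__":
    # Constructed traffic: a DNS lookup, the mail server sending mail, and a
    # workstation sending mail directly (the egress filter should deny it).
    for p in [pkt("out", "udp", "10.0.2.7", "198.51.100.53", 53),
              pkt("out", "tcp", "10.0.1.25", "203.0.113.9", 25),
              pkt("out", "tcp", "10.0.2.7", "203.0.113.9", 25)]:
        print(p["src"], "->", p["dst"], p["dst_port"], evaluate(p))
```

The third value returned by `evaluate` shows how many rules had to be examined, which is why the rules most traffic hits belong at the top of the list.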
