[SOLVED] What is a firewall policy? Why is it necessary? How is a firewall policy created?
Need help with my Computer Science question – Im studying for my class.
You have been asked to explain the concept of a firewall policy. Research firewall policies, and in a 23-paragraph post, answer the following questions:
- What is a firewall policy?
- Why is it necessary?
- How is a firewall policy created?
Respond:
A firewall can be hardware, software, or a combination of both, and is designed to examine network traffic and enforce policies to combat malicious activities or attacks on computing resources and network-accessible information (Firewall Policy, 2016). The firewall policies provides guidance on when firewalls are required or recommended in all instances where sensitive data is stored or processed, and they are especially helpful in cases where multiple firewalls are being used, such as a network firewall and a host firewall each with special requirements to provide additional protection in the event of a compromise or failure (Firewall Policy, 2016).
Firewall policies are an important part of securing a network because they provide security rules to network traffic in a specific context by classifying the traffic by matching source and destination zones, source and destination addresses, etc. (Firewall Policies Best Practices, n.d.). The policies enforce the traffic rules on a network and one example of a policy is the least privilege policy. This policy is similar to least access privilege, only allowing the least amount of access to a network to perform a specific job in a organization, but is applied to the network traffic itself allowing only by making the rules as tight as possible in terms of matching specific criteria (Firewall Policies Best Practices, n.d.).
The necessary firewall policies are greatly determined by the needs of the network security design, but the hardware or software firewalls come with default firewall policies already set up, but a new firewall policy can be created within the hardware or software. For instance, in Symantec Endpoint Protection firewall has default rules and settings set-up for an office environment but you can go into it and add new firewall rules, enable and customize notifications to users that access applications that are blocked, enable automatic firewall rules, configure protection and stealth settings, integrate Symantec Endpoint Protection with Windows Firewall, and Configure peer-to-peer authentication (Creating a Firewall Policy, n.d.). The firewall rules are the components of the policy and control how the firewall protects computers from malicious traffic or applications but without specific rules the policy and firewall would be ineffective (Creating a Firewall Policy, n.d.).
Reference:
Firewall Policy. (2016, Dec). Northwestern University. Retrieved from https://www.it.northwestern.edu/policies/firewall.html
Firewall Policies Best Practices. (n.d.). Juniper Networks. Retrieved from https://www.juniper.net/documentation/en_US/junos-space16.1/topics/concept/junos-space-firewall-policy-best-practice.html
Creating a Firewall Policy. (n.d.). Symantec. Retrieved from https://support.symantec.com/us/en/article.HOWTO80974.html
