Firewall Security Lifecycle
May 27, 2010
Define network domain security policy
Create high-level structure
Examine other firewalls
Create low-level structure
Test firewall / Review security policy
Periodic testing / Maintenance
Firewall Product Evaluation Checklist
Identification – Who are we buying from?
Education and Documentation – Is there sufficient and clear documentation that comes with the product?
Reports and Audits – What is available as far as reports and what audit tools accompany the product?
Attacks and Scenarios – What is our level of protection and what attacks does the current version protect against?
Administrative Concerns – How secure and flexible is the administrative access?
Implementation
The Bottom Line
A firewall is a method of achieving security between trusted and untrusted networks
The choice, configuration and operation of a firewall are defined by policy, which determines the services and type of access permitted
Firewall = policy + implementation
Firewall = “zone of risk” for the trusted network
Support, not impose, a security policy
Use a “deny all services except those specifically permitted” policy
Accommodate new facilities and services
Contain advanced authentication measures
Employ filtering techniques to permit or deny services to specific hosts and use flexible and user-friendly filtering
Use proxy services for applications
Handle dial-in
Log suspicious activity
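The "deny all services except those specifically permitted" policy, per-host filtering and logging of denied traffic, shown as an added example that is not part of the original page. The rule format, the addresses (documentation ranges) and the function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "permit" or "deny"
    src: str      # source network (CIDR)
    dst: str      # destination network (CIDR)
    proto: str    # "tcp" or "udp"
    dport: int    # destination port

# Constructed policy using documentation address ranges (assumed, not from the page).
# Rules are checked top to bottom; the first match decides.
POLICY = [
    Rule("deny",   "203.0.113.0/24",  "192.0.2.20/32", "tcp", 443),  # blocked source range
    Rule("permit", "0.0.0.0/0",       "192.0.2.20/32", "tcp", 443),  # public HTTPS server
    Rule("permit", "198.51.100.0/24", "192.0.2.10/32", "tcp", 22),   # admin SSH from one network
]

def matches(rule, src, dst, proto, dport):
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and proto == rule.proto and dport == rule.dport)

def evaluate(policy, src, dst, proto, dport, log):
    """Return "permit" or "deny"; append every denied packet to log."""
    for number, rule in enumerate(policy, start=1):
        if matches(rule, src, dst, proto, dport):
            if rule.action == "deny":
                log.append((f"rule {number}", src, dst, proto, dport))
            return rule.action
    # No rule matched: the service was never specifically permitted.
    log.append(("default-deny", src, dst, proto, dport))
    return "deny"

if __name__ == "__main__":
    log = []
    for pkt in [("198.51.100.7", "192.0.2.10", "tcp", 22),
                ("203.0.113.5", "192.0.2.20", "tcp", 443),
                ("198.51.100.7", "192.0.2.10", "tcp", 23)]:
        print(pkt, "->", evaluate(POLICY, *pkt, log))
    print("denied:", log)
```

The policy list is the "policy" half and `evaluate` is the "implementation" half; adding a new service means adding one permit rule, while anything unlisted stays blocked and shows up in the log.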