Firewall Auditing Sean K. Lowder CISSP / MCSE / CCNA


1 Firewall Auditing Sean K. Lowder CISSP / MCSE / CCNA Sean.Lowder@bcbsla.com

2 Bio
Sean K. Lowder CISSP ©2007
Currently employed at Blue Cross Blue Shield of Louisiana as the Information Security Manager. I’ve been in the computer industry for 17 years, and have specialized in information security for the last 10 years. I have various industry certifications, including Certified Information Systems Security Professional (CISSP), Certified Novell Engineer (CNE), Microsoft Certified Systems Engineer (MCSE), and Cisco Certified Network Associate (CCNA). I received my BS in Information Technology from University of Phoenix. Previously I’ve directed various projects in the Information Security arena including financial institution penetration testing, Firewall and Virtual Private Network (VPN) configuration, design and deployment. I have extensive experience in preparing for SAS70, HIPAA and financial auditing for all information security areas.

3 What is a firewall?
A firewall is a device or collection of components placed between two networks that collectively have the following properties:
- All traffic from inside to outside, and vice-versa, must pass through the firewall.
- Only authorized traffic, as defined by the local security policy, will be allowed to pass.

4 Firewall Types
- First Generation: Packet Filtering Firewalls
- Second Generation: Stateful Inspection Firewalls
- Third Generation: Application (Proxy) Firewalls
- Fourth Generation: Kernel Proxy technology
- “Deep packet” inspection
- IDS / IPS capabilities

5 Defining Audit Scope
- Firewall Documentation
- Approval Procedures and Process
- Firewall Rule Base
- VPN
- Layer Seven Switching
- Internal Testing
- External Testing

6 Firewall Auditing Methodology Phases
I. Gather Documentation
II. The Firewall
III. The Rule Base
IV. Testing and Scanning
V. Maintenance and Monitoring

7 Phase I - Gather Documentation
- Security Policy
- Change Control Procedures
- Administrative Controls
- Network Diagrams
- IP Address Scheme
- Firewall Locations
- IPS Capable?

8 Phase I - Gather Documentation
- Firewall Vendor
- Software Version and Patch Level
- Hardware Platform
- Operating System Version and Patch Level
- Administrator training and knowledge

9 Phase II – The Firewall
- Three “A’s”
  - Authentication: Local / Remote
  - Access: Logical / Physical
  - Auditing (logs): Local / Remote
- OS Hardening

10 Phase III – The Rule Base
- Based on the Organization’s Security Policy
- Review each rule
  - Business reason
  - Owner
  - Host devices
  - Service Ports
- Simplicity is the key
- Most restrictive and least access

11 Phase III – The Rule Base
- Rule order (first out)
- Administration Rule
- ICMP Rule
- Stealth Rule
- Cleanup Rule
- Egress Rules
- Logging
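
Added example (not part of the original slides): a small Python check that applies the Phase III review to a constructed rule base. The rule fields, the `firewall` label and the sample rules are hypothetical, and it assumes first-match evaluation, a stealth rule defined as a drop for anything addressed to the firewall itself, and a cleanup rule defined as a final drop-all.

```python
# Added example: rule format and field names are hypothetical, not a vendor export.
from dataclasses import dataclass

FW = "firewall"  # constructed label for the firewall's own addresses

@dataclass
class Rule:
    name: str
    src: str
    dst: str
    service: str
    action: str        # "accept" or "drop"
    log: bool = False
    owner: str = ""    # hypothetical review fields
    reason: str = ""

def is_stealth(r):
    return (r.src, r.dst, r.service, r.action) == ("any", FW, "any", "drop")

def audit(rules):
    """Return findings for a first-match rule base, in rule order."""
    out = []
    stealth_at = next((i for i, r in enumerate(rules) if is_stealth(r)), None)
    if stealth_at is None:
        out.append("no stealth rule protecting the firewall itself")
    for i, r in enumerate(rules):
        tag = f"rule {i + 1} ({r.name})"
        if r.action == "accept":
            if not (r.owner and r.reason):
                out.append(f"{tag}: missing owner or business reason")
            if r.service == "any" or (r.src == "any" and r.dst == "any"):
                out.append(f"{tag}: broader than least access")
            if r.dst == FW and stealth_at is not None and i > stealth_at:
                out.append(f"{tag}: unreachable, placed after the stealth rule")
        elif not r.log:
            out.append(f"{tag}: drop without logging")
    last = rules[-1] if rules else None
    if not last or (last.src, last.dst, last.service, last.action) != ("any", "any", "any", "drop"):
        out.append("no cleanup rule at the end of the rule base")
    return out

# Constructed sample rule base with deliberate problems.
SAMPLE = [
    Rule("stealth", "any", FW, "any", "drop", log=True),
    Rule("admin", "mgmt-net", FW, "ssh", "accept", True, "netops", "firewall administration"),
    Rule("web", "any", "dmz-web", "https", "accept", True, "ecommerce", "public site"),
    Rule("legacy", "lan", "any", "any", "accept"),
    Rule("cleanup", "any", "any", "any", "drop"),
]
```

Calling `audit(SAMPLE)` returns the findings as a list of strings; the ICMP and egress rules from the slide are not modelled here.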

12 Phase IV – Testing & Scanning
- Determine & Set Expectations
- Scan the firewall
  - Nmap
  - Firewalk
- Scan host behind the firewall
  - Nessus
  - ISS
- Ensure results match expectations

13 Phase V – Maintenance & Monitoring
- Change Management and Approval
  - Is the process documented?
  - Is the process being followed?
  - Is there evidence of process?
- Disaster Recovery Plan
  - Formal?
  - Backup and Recovery Procedures
- Firewall Logs
  - Reviews
  - Storage and archival

14 Demo

15 Questions???

16 References and Additional Resources
- The CISSP Prep Guide, Ronald L. Krutz & Russell Dean Vines, Wiley Publishers, ISBN 0-471-41356-9
- Firewalls and Internet Security, William R. Cheswick and Steven M. Bellovin, Addison-Wesley Publishing Company, ISBN 0-201-63357-4
- Lance Spitzner, www.spitzner.net
  - White Paper - Auditing your Firewall Setup
  - White Paper - Building your Firewall Rule base
- VicomSoft, www.firewall-software.com
  - White Paper – Firewall

