

Firewall Contingency Plan


Firewall contingency plans must be prepared that address the response and action procedures to be taken in the event of various network firewall security-related issues. These events include system / host compromise, security attacks, system malfunction and firewall (gateway) outages. The contingency plans must be kept up to date to reflect changes both within the corporate environment and in Internet security best practices. The contingency plans must be formally documented and tested to ensure a stable and secure network platform is available within the corporate network at all times.

As part of firewall security standards, developing a security contingency plan is essential to maintaining the operational health and security of the corporate network. It also provides a framework within which disaster recovery procedures can be followed. The minimum requirement with regard to “Contingency Planning” is:

  • A documented plan must be developed that defines the procedures involved to recover from security-related incidents.
  • A contingency plan must be periodically tested to ensure that it accurately reflects any changes made to the network environment.

There are two areas we need to pay attention to regarding firewall contingency planning:

1. Prevention

Preventative strategies include measures that should be taken to avoid a potential disaster from happening. Such measures are crucial to the mitigation of the risk and are usually implemented upon the identification of a potential risk. Examples of preventative strategies include:

  • System and data configuration backup
  • Firewall physical security
  • Two redundant firewall systems

2. Recovery

Recovery strategies include steps that are taken when a disaster occurs. These steps must be executed swiftly to avoid a prolonged delay in regaining an acceptable level of operation. Examples of recovery strategies include:

  • System or data configuration restoration from backup media
  • Restoring the faulty firewall to operation if a redundant system is deployed

Without a contingency plan, security-related issues may cause uncontrolled security breaches and unnecessary network downtime.

Following the previous discussion about firewall functional requirements, you should also read the other part of this series about firewall security: firewall access privileges. Privileges to modify the firewall configuration (rule base) must be restricted to authorized security personnel.
