19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Safeguard Catalogue - Organisation Remarks

S 2.73 Selecting a suitable firewall

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: IT Security Management, Administrators

After a security policy has been determined for the firewall, it must be decided which components are to be used for the implementation of the firewall. A suitable configuration is to be selected.

The following are possible configurations:

- Exclusive use of a packet filter

[Figure: network to be protected]

This configuration consists exclusively of a packet filter which filters the information of the lower layers and either accepts or denies packets according to special regulations.

- Dual-homed gateway

[Figure: network to be protected]

This configuration consists of an application gateway which is fitted with two network interfaces and which is used as the sole junction between two networks. Application gateways filter information on layer 7 of the OSI layer model. The dual-homed gateway must be configured in such a way that no packets can pass unfiltered; in particular, IP forwarding must be switched off.

- Screened sub-net

A screened sub-net is a sub-network between a network requiring protection and an external network, with firewall components checking connections and packets.

A screened sub-net consists of an application gateway and one or two packet filters. The packet filters are located in front of and/or behind the gateway and together they form a sub-network. A screened sub-net can, for example, contain a dual-homed gateway. The filter rules are created in such a way that each connection from inside or outside has to pass the gateway.
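The requirement that every connection from inside or outside has to pass the gateway can be checked mechanically against a packet filter rule set. The following Python code is an added example, not part of the manual; the addresses, the rule format and the function names are constructed for illustration.

```python
import ipaddress

# Constructed addressing (RFC 5737 documentation ranges); all names are hypothetical.
INTERNAL = ipaddress.ip_network("192.0.2.0/25")    # network requiring protection
GATEWAY = ipaddress.ip_network("192.0.2.130/32")   # application gateway in the sub-net
ANY = ipaddress.ip_network("0.0.0.0/0")

# Rules are (action, source, destination); first match wins, no match means deny.
INNER_FILTER = [
    ("permit", INTERNAL, GATEWAY),
    ("permit", GATEWAY, INTERNAL),
]
OUTER_FILTER_BAD = [
    ("permit", GATEWAY, ANY),
    ("permit", ANY, GATEWAY),
    ("permit", INTERNAL, ANY),   # lets internal hosts reach outside directly
]

def decide(rules, src, dst):
    """Return the action of the first rule matching the src/dst address pair."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_src, rule_dst in rules:
        if s in rule_src and d in rule_dst:
            return action
    return "deny"

def bypass_rules(rules):
    """List permit rules in which neither endpoint is confined to the gateway.

    Conservative static check: it ignores rule order, so a permit that an
    earlier deny already shadows is still reported for review.
    """
    return [
        (action, str(src), str(dst))
        for action, src, dst in rules
        if action == "permit"
        and not src.subnet_of(GATEWAY)
        and not dst.subnet_of(GATEWAY)
    ]

if __name__ == "__main__":
    for name, rules in (("inner", INNER_FILTER), ("outer", OUTER_FILTER_BAD)):
        print(name, "filter, rules bypassing the gateway:", bypass_rules(rules))
    print("direct inside-to-outside via outer filter:",
          decide(OUTER_FILTER_BAD, "192.0.2.10", "198.51.100.7"))
```
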

IT-Baseline Protection Manual: October 2000

[Figure labels: Packet Filter, Application Gateway, insecure network]
