Home page logo
/

basics logo Security Basics mailing list archives

Re: RE: firewall change request
From: kartik.netsec () gmail com
Date: Tue, 21 Feb 2012 05:21:35 GMT

Hi, we also use browser based form (in fact a ticketing tool) in which we specify what all changes needs to be made. 
For Firewall related forms we have MANDATORY fields like source, destination, Ports, Protocol, If the change is 
temporary or permanent (if temp, specify end date), Impact and Business justification of the change. There is also a 
field which asks for date/ time of the change. However, the changes are made only twice a week.

In our scenario, 

Example 1:- say Unix team requires some ports to be opened on firewall, the change requester opens a request in the 
tool. The request first goes to the MANAGER/ Lead of Unix team for the approval. Then, the request goes to Firewall Mgt 
Lead/ Manager to see the technical stuffs in the request. If he approves, the request finally goes to IT Security 
department wherein CISO approves the change.

Example 2:- Windows team needs to build a server (say physical). They have to build it offline, as they are not 
provided with the IP address by Network team without going through a change control process. Once they get the IP 
address, the server is put in an isolated segment (say DEV/ QA) until security tools (AV/ HIPS/ Sec mgt tools etc) and 
all the relevant patches are installed on them. The server is checked against the hardening policy by Server Admin, and 
then it is scanned against the security tool in order to check if the server complies with the security policy. Once, 
all is OK, a form is signed by Server admin, security admin who ran the scanning tool and IT Security. Then only the 
server is put in Prod network.

The changes with higher impact are first discussed in Change Advisory Board.

There are absolutely no changes that people can make without going through the change management framework.

Thanks,
Kartik, CISSP, CISM

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]