The Essay On Firewall Implementation And Policy Is Crucial.

You will need to produce the following components in the form of an academic report. To secure and mitigate computer systems risks/threats, an understanding of how to discover flaws/vulnerabilities on that system is extremely necessary. Therefore penetration testing and ethical hacking are an integral part of computer security. For this part of the assignment you need to complete the following tasks;

1. Define ethical hacking /pen testing
2. Highlight on the difference between penetration testing and ethical hacking.
3. Discuss the needs to perform ethical hacking and present evidence of how efficient it is to relay on ethical hacking to improve an organisation security.
 

In every LAN where there are more than one user Firewall is an essential component. Firewall will restrict any traffic that are instructed to either reject or accept basing on the rules provided. Firewall provide a control center for all the inbound and outbound traffics in every network. Several activities in any network takes place. (SearchNetworking, 2018) Those activities can be malicious or attack from internal or external networks. As a result a firewall need to be implemented to protect the use of firewall in any organization.

(Joshi, 2016) The importance of the firewall policy is to define how the administrator or third party providers will manage and maintain the firewall in the organization. The policy will state in a clear manner how a leased from service providers or locally installed firewall will be implemented in the network infrastructure. 

Client computer trying to ping the server A with a configured firewall. The firewall have been set to drop any ICMB packets. We can see the ping request lost is at 100%. This means that the server is not replying to the client that the server is up. On the other side that’s server (A) terminal showing some of the configured Iptables’ rules. 

The client computer trying to access the http service at port 80. Since in our server’s firewall we have block the access of http service which run on port 80 our client ip and port that the curl request is trying to access would be block since the request math the already rule in our firewall that will drop/reject the request.

The above sample screenshots shows that our firewall is effective and well configured. I just provide only sample of proof of concept. Other rules that have already added to our firewalls such as IP spoofing and syn-flood rules are also effective therefore the firewall implementation can be used in production and more rules can be added. 

Table 1.0 shows the firewall rules implemented in this exercise.

Documentation. (Joshi, 2016) Before deploying a firewall a diagram showing the paths and its description or the reason justifying why firewall has been set it up at that path should be well explain and submitted to the head of security and infrastructure. The audit of this has to be checked to ensure that it conformed to the already set rule and standards. Every time there is a change of firewall path the same process has to be done.

Proof of Concept Implementation

Default to block/Reject/Drop. Any connectivity path that has not been included should not be able to connect to other path of the network. Only approved network path which are already documented should be used for connectivity. Any other new path must be in conformance with this policy and must be approved and documented.

Testing. Regular testing must be done in the network. This will ensures that the proper configuration are in conformance with the set standard. This testing ensures that machines that are able to acquire resources as per the documented policy. This testing also helps to validate the set administrative roles in the network. The test must be perform by the experts that are not part or known to an organization. This will ensure thorough audit of the network without hiding any suspicious security flaws or which does not conform to the laid standard.

Logging. Every service that is running within the firewall must be logged. This will ensures that any activities that are malicious are track. In case of attack or failure to follow the set standards and rules in the organization, an individual will be responsible for the damage that may occur. Logging of services also help to identify bugs in the network. This will help administrators to report for bugs. Also any failure of a service in the network can be identified using logs files.

Inbound connections. (EWEKA and ELANGO, 2015) All the connections that comes from outside must pass through the firewall. If the internal users are assessing the internal network then VPN must be implemented to tunnel there traffic through firewall.

Firewall administration. Only the system administrators are allowed to access, modify rule and update the documentation that keep tracks of current implemented rules. Date of modification of any rule must be stated and a little description. This will help to solve in case of arising case in the future.

Firewall rule backup. The firewall backup must be kept in a secured place. In case of the hardware failure the backup will be restored to a new firewall. This will reduce the down time of firewall in the network.

Updates. Firewall regular updates must be check. This will ensure absolute security in case of vulnerability in the software. Vendors do release updates to improve performance and patch the existing vulnerabilities in case if they are.

Security. Firewall should be place be place in a room where there is lock. Only authorized users are allowed to enter to that room with approval from the head of security and a document must be signed illustrating date and time of access, reason for accessing firewall room. The files must be kept for future records.

Conclusion

In conclusion, firewall policy will ensure that the administrators adhere to the set standards in an organization which help to provide a better security for every network infrastructure. As a result policy will create awareness of how to maintain and guide system administrators.  

References

File, H. (2018). How to Log Linux IPTables Firewall Dropped Packets to a Log File. [online] Thegeekstuff.com. Available at: https://www.thegeekstuff.com/2012/08/iptables-log-packets/?utm_source=feedburner [Accessed 25 Apr. 2018].

Help.ubuntu.com. (2018). IptablesHowTo - Community Help Wiki. [online] Available at: https://help.ubuntu.com/community/IptablesHowTo [Accessed 25 Apr. 2018].

Howtogeek.com. (2018). The Beginner’s Guide to iptables, the Linux Firewall. [online] Available at: https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/ [Accessed 25 Apr. 2018].

Bashir, A. and Hussain Mir, A. (2018). Securing Communication in MQTT enabled Internet of Things with Lightweight security protocol. EAI Endorsed Transactions on Internet of Things, 3(12), p.154390.

SearchNetworking. (2018). Firewall implementation: Perimeter security placement and management. [online] Available at: https://searchnetworking.techtarget.com/tutorial/Firewall-implementation-Perimeter-security-placement-and-management [Accessed 25 Apr. 2018].

Chu, J. and Li, Z. (2015). Design and Implementation of the Firewall Policy Audit Based on Improved Policy Tree. Applied Mechanics and Materials, 736, pp.179-182.

Joshi, P. (2016). Implementing Firewall using IP Tables in Linux. International journal of Emerging Trends in Science and Technology.

Chu, J. and Li, Z. (2015). Design and Implementation of the Firewall Policy Audit Based on Improved Policy Tree. Applied Mechanics and Materials, 736, pp.179-182.