Incorrectly configured rules can open up the wrong type of access to an environment
and invite hackers in. It is therefore important to audit these settings on a regular
basis as well to ensure that they are set in the way that is necessary for functional security.
The basic rule of thumb with ISA firewall policy rules is to deny all traffic unless a specific
need has been established that the traffic will be allowed. The key to a successful ISA firewall
deployment is to identify the entire range of functionality that will be necessary in
advance, and then to create individual rules to reflect that functionality.
Firewall rules are applied to network traffic from top to bottom in the list. This is important
to note because specific rules may need to be applied before other ones are. For
example, if a rule at the top of the list is set to deny HTTP traffic to a particular network
segment, and a later rule allows it, the traffic is denied because it hits the upper rule first.
Rule placement is therefore an important component of an ISA firewall policy.
To move rules up or down in the policy list, select a rule by clicking on it and then click
the link entitled Move Selected Rules Down or Move Selected Rules Up, depending on the
specific need.
Pages:
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300