This week’s network security tip focuses on the importance of documenting firewall rules. Ramani, an IT Manager in India, says that a best practice is to “document all firewall rules with well-defined comments for each rule. Though it may look insignificant in day-to-day operations, it is a real lifesaver in times of crisis.”
Others agree on the importance of documenting firewall rules and provide specific use cases as to why it is a best practice:
- Luis, a security architect from Columbia, suggests that “When you create temporary rules, make sure to add a comment with the expiration date, and regularly review expired rules.”
- Reinhard, a Support Director from Austria says “Group rules that belong together. Use the same naming on your firewall as you have on your clients/servers. Try to create groups of hosts, networks or services when possible and use the groups instead of adding single objects.”
- Markus, a consultant from Germany says “Use the comment field in rules and objects for enhanced functionality. For example, you can place a validity date for each object to make an easy review of the object base or make a connection to your CMDB by defining a CI reference in the object or rule.”
Thank you to all those who continue to provide us with these excellent network security tips. Have a tip? Share them with us at firstname.lastname@example.org, DM us at @AlgoSec or comment directly on our blog.
Subscribe to Blog
Receive notifications of new posts by email.