FIREWALL CHECKLIST
Pre Audit Checklist
1. Obtain previous workpapers/audit reports.
2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
3. Obtain current network diagrams and identify firewall topologies.
4. Identify the type and version of firewalls implemented.
5. Identify the objectives of the firewall installation.
6. Identify the operating system supporting the firewall.
7. Identify all Internet Service Providers (ISP) and Virtual Private Networks (VPN).
8. Obtain an understanding of the ISP and VPN contracts.
9. Identify whether methods other than the firewall are permitted to provide access to the Internet (from trusted networks) or from the Internet (from untrusted networks), e.g., modem, dial-in, etc.
10. Obtain the vendor's firewall default configuration, documentation and update availability.

Administration Review
11. Is there documentation that clearly defines the roles and responsibilities of firewall administration, including training and testing of the firewall configuration?
12. Is there a list of authorized firewall administrators? (Identify primary and backup administrators.)
13. Has the effectiveness of backup administrators in support of the firewall been tested?
14. Is there someone who is responsible for keeping up with current security advisories?

Access Control
15. Is there a process used to authorize employee and non-employee access (add, change, delete) to the Internet?
16. What levels of access privileges are granted?
17. Assess the timeliness and completeness of the methods used.
18. Is there a password policy?
19. Have password control features been implemented for all accounts (i.e., required use, minimum length, periodic changes, etc.)?
20. Have the default accounts either been disabled or had the original password changed from the vendor-provided values?

21. Are there controls that ensure that access to the Internet is granted only to authorized individuals?
22. Obtain a list of users with access to the firewall and reconcile it to documented approved requests. Is each user uniquely identifiable?
23. Evaluate whether the authentication methodologies used (i.e., proxy) are effective.
24. Is non-employee access appropriate?
25. Does the security administrator periodically review the users that have access to the Internet? When was the most recent review?
26. Are there periodic reviews of inactive accounts? What actions are taken to resolve the discrepancies?
27. What security controls does the VPN use to secure access to xyz's trusted networks?
28. Are there security controls over the use of modems and other methods (i.e., dial-in) used to access xyz's trusted networks?
29. How is public access to the Web servers protected by the firewall?

Firewall Configuration
30. Evaluate the appropriateness of the firewall topologies implemented.
31. What is the current hardware and software configuration of the firewall?
32. Have all updates identified by the vendor been applied?
33. Is there a DMZ? Does the firewall properly separate the DMZ from the inside network and the outside network?
34. Is there a single point at which the internal network can be separated from the Internet?
35. Review the firewall documentation to gain an understanding of the firewall's capabilities and limitations.
36. Is there a firewall filter change control procedure?
37. Identify the rules that should be enforced by the firewall (what services are allowed between source and destination).
38. Is encryption used for authorized services?
39. What firewall rules are currently in place?
40. What filtering techniques are used to permit or deny services to specified host systems?
41. Is Network Address Translation being performed and, if so, is it properly configured?
42. Evaluate the order of the firewall rules for effectiveness.

43. Does the firewall have the following controls in place?
   - URL screening
   - Port blocking
   - IP spoofing protection
   - Packet screening
   - Prevention of Denial of Service attacks
   - Incoming Java or ActiveX screening
   - Anti-virus protection
44. Does the firewall support a "deny all services except those specifically permitted" policy?
45. Is the firewall configured according to xyz Standards and Guidelines, and does the firewall effectively enforce the Internet security policy?
46. Is the effectiveness of the firewall in enforcing the security policy reported to management?

Monitoring
47. Is there an Intrusion Detection System (IDS) in place?
48. For which threats has the response been automated (e.g., denial of service attacks, spoofing)?
49. If an IDS has not been implemented, determine the extent of intrusion detection automation.
50. Are the firewall activities logged? Are there procedures in place to monitor and act upon any inappropriate activities?
51. Are the actions of staff who have privileged access to the firewall authenticated, monitored and reviewed?
52. Are logging and reporting procedures in place to monitor and act upon any inappropriate activities?
53. Are all inbound services, outbound services, and access attempts to or through the firewall that violate the policy logged and monitored?
54. How frequently is monitoring performed?
55. Have alarms been set for significant events or activities?
56. What tools are used to help with trend analysis?
57. Do the logs contain sufficient data for user accountability, type of transaction, date/time stamp, terminal location, etc.? Are the logs protected to prevent modification? How long are the logs kept? What media are the logs stored on?
58. What process is used to report, follow up, evaluate, and resolve all incidents?
59. Obtain copies of firewall reports for review.
60. Are the firewall reports adequate in providing administrative staff with the information necessary to analyze firewall activities (attacks, defenses, configurations and user activities)?
61. What processes are used to follow up and resolve incidents?
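Items 42, 44 and 53 above can be checked mechanically against an exported ruleset. The following is an added example, not part of this checklist, that audits a constructed first-match IPv4 ruleset for shadowed rules, a final default-deny rule, and deny rules that do not log; the Rule format, the addresses and the ruleset itself are assumptions made for illustration.

```python
# Added example (not from the checklist): audit an ordered first-match ruleset for
# shadowed rules (item 42), a final default-deny rule (item 44) and unlogged
# denies (item 53). Rule format, addresses and ruleset are constructed; IPv4 only.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source CIDR
    dst: str               # destination CIDR
    port: Optional[int]    # destination port, None = any port
    log: bool = False      # whether matches of this rule are logged

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet that matches b would already have matched a."""
    return (
        a.proto in ("any", b.proto)
        and a.port in (None, b.port)
        and ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
        and ipaddress.ip_network(b.dst).subnet_of(ipaddress.ip_network(a.dst))
    )

def audit(rules: List[Rule]) -> List[str]:
    """Return findings for a first-match ruleset, in rule order."""
    findings = []
    for i, later in enumerate(rules):
        for j, earlier in enumerate(rules[:i]):
            if covers(earlier, later):      # the later rule can never match
                findings.append(f"rule {i} shadowed by rule {j}")
                break
    last = rules[-1]
    if not (last.action == "deny" and last.proto == "any" and last.port is None
            and last.src == "0.0.0.0/0" and last.dst == "0.0.0.0/0"):
        findings.append("no default-deny rule at end of ruleset")
    for i, r in enumerate(rules):
        if r.action == "deny" and not r.log:
            findings.append(f"rule {i} denies without logging")
    return findings

# Constructed ruleset: DMZ web server, outbound access for the internal network,
# a telnet block ordered too late to take effect, and an unlogged default deny.
RULES = [
    Rule("allow", "tcp", "0.0.0.0/0", "203.0.113.10/32", 443),
    Rule("allow", "tcp", "10.0.0.0/8", "0.0.0.0/0", None),
    Rule("deny", "tcp", "10.0.5.0/24", "0.0.0.0/0", 23, log=True),
    Rule("allow", "udp", "10.0.0.0/8", "203.0.113.53/32", 53),
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0", None),
]
```

Running `audit(RULES)` reports the telnet deny as shadowed by the broad outbound allow and the default deny as unlogged; moving the telnet deny ahead of the allow and setting `log=True` on the final rule clears both findings.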

62. Is the firewall periodically tested from xyz's trusted and untrusted networks?
63. What is the effectiveness of the firewall in enforcing xyz's security policy, as reported to management?

Physical Security
64. Are there physical methods to prevent unauthorized personnel from accessing firewall systems?
65. Is there a list of authorized personnel permitted access to firewall computer rooms?
66. Do all of the authorized personnel need access?
67. Are there physical methods to prevent unauthorized personnel from accessing consoles, closets, routers, etc.?

Firewall Change Controls
68. Is there a firewall change control procedure in place? Is there documentation for all firewall changes? Have all of the changes been authorized?
69. Are there procedures to inform the firewall administrator when new security-related problems or patches become available, and are patches applied adequately and in a timely manner?
70. Is there a disaster recovery contingency plan? Has the recovery been tested?

Backup and Recovery
71. Evaluate the adequacy of backup and recovery procedures (including retention).
72. How frequently are backups performed?
73. Is encryption used when performing backups?
74. What were the results of the last successful backup test?

Operating System
75. Verify the operating system type and version, including patch history.
76. Evaluate the account management process.
77. Assess the adequacy of the approval process.
78. Identify the types of accounts authorized to have access.
79. Evaluate the adequacy of access controls and authentication.
80. Assess the appropriateness of all accounts.
81. Assess the adequacy of password controls.
82. Do all of the network services need to be in place?
83. Identify and evaluate the effectiveness of performance monitoring and control procedures.