Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Implementation

    1. Firewall Configuration:

      1. All firewalls must be configured in accordance with Lehigh’s configuration standards based on industry best practices and security hardening guidelines.

      2. Firewall rulesets should be regularly reviewed and updated to reflect current network requirements and security threats.

        1. Failure to reauthorize the rule should default to expire the rule.

        2. Rules that would make the device publicly addressable will require the device run LTS anti-malware & IDS tools as well as configured for credentialed scans by LTS vulnerability management systems. Discovered vulnerabilities must be addressed.

      3. Default deny policies should be implemented, allowing only explicitly authorized traffic.

      4. Firewall configurations must be documented and version controlled.

    2. Firewall Management:

      1. Firewall administration access should be restricted to authorized personnel with appropriate training.

      2. Firewall changes must be subject to a formal change management process, including review and approval.

      3. Firewall logs should be centrally collected and monitored for suspicious activity.

      4. Regular vulnerability assessments and penetration testing should be conducted on firewalls.

    3. Firewall Monitoring:

      1. Real-time monitoring of firewall activity should be implemented to detect and respond to potential security incidents.

      2. Firewall logs should be retained for a minimum period as defined by the university's data retention policy.

      3. Security alerts generated by firewalls should be promptly investigated and addressed.

  2. Related

...