...

Firewalls play a crucial role as the first line of defense in safeguarding the confidentiality, integrity, and availability of university information systems and data. This standard sets forth guidelines for ensuring the secure setup, administration, and supervision of firewalls to reduce the potential threats linked to unauthorized entry and network-based assaults.

...

  1. Implementation

    1. Firewall Configuration:

      1. All firewalls must be configured in accordance with Lehigh’s configuration standards based on industry best practices and security hardening guidelines.

      2. Firewall rulesets should be regularly reviewed and updated to reflect current network requirements and security threats.

        1. A rule that is not reauthorized should expire by default.

        2. Rules that would make the device publicly addressable will require that the device run LTS anti-malware and IDS tools and be configured for credentialed scans by LTS vulnerability management systems. Discovered vulnerabilities must be addressed.

      3. Default deny policies should be implemented, allowing only explicitly authorized traffic.

      4. Firewall configurations must be documented and version controlled.

    2. Firewall Management:

      1. Firewall administration access should be restricted to authorized personnel with appropriate training.

      2. Firewall changes must be subject to a formal change management process, including review and approval.

      3. Firewall logs should be centrally collected and monitored for suspicious activity.

      4. Regular vulnerability assessments and penetration testing should be conducted on firewalls.

    3. Firewall Monitoring:

      1. Real-time monitoring of firewall activity should be implemented to detect and respond to potential security incidents.

      2. Firewall logs should be retained for a minimum period as defined by the university's data retention policy.

      3. Security alerts generated by firewalls should be promptly investigated and addressed.

  2. Related

...

| Date | Version | Description | Approval |
|---|---|---|---|
| | 0.1 | Original Document | Draft |
| Dec 5, 2024 | 1.0 | Approved - CISO | Approved |