Eicon Networks S92 Bedienungsanleitung PDF herunterladen (Seite 88)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 88

n Inournetwork, Internal_Clients(192.168.17.0)canfreelyaccess

Internal_Servers(192.168.18.0).Whetherornottrafficcanbeinitiatedfrom

Internal_Serversdependsontheserverapplicationsinuse.Since

Internal_Serversisprettysecure,andjustincasethatcertainmaintenancetraffic

hastooriginatefromtheserverstotheclients,wewillhaveboth 192.168.18.0

and192.168.17.0configuredas Trusted.

n SinceInternal_Clientsistrusted,intheoryitcanmakeoutgoinginternetaccess

requeststoeverywhere.Wewill,however,implementinternetaccessrestrictions

onanasneededbasisatISA_Cache.

n Internal_Admin(192.168.19.0)canaccessInternal_Clientsandnotviceversa,

meaning192.168.19.0shouldbetreatedasTrusted.Wewillblock

Internal_Clients’srequeststowardsInternal_Admin viaNorton2_IDS.

n Critical_Resources(192.168.21.0)canbeaccessedbyInternal_Clientsandnot

viceversa,so192.168.21.0shouldbeRestricted.Nodirectaccessfrom

Public_Services(192.168.8.0)iseverallowed,so192.168.8.0shouldbe

Restrictedaswell.Internal_Clients’srequeststowardsPublic_Servicesare

furtherfilteredatFW2_B2C.

n NorequeststowardsInternal_ClientscanbemadefromRAS_Net(192.168.22.0)

Core_Net(192.168.16.0) norInternal_Dev (192.168.20.0).Thesesubnetsshould

beRestrictedaltogether.

ConfiguretheSecurityLevel:

Weneedthehighestpossiblelevelofsecurityhere.Tosetsuchsecurity,useCustom

Settings,andseteverythingtoHigh.Allthealertoptionsshouldbeenabledaswell.

1 2 ... 83 84 85 86 87 88 89 90 91 92 93 ... 208 209

Keine Kommentare

Eicon Networks S92 Bedienungsanleitung Seite 88