Perimeter Best Practices

The three golden rules for defining access rules on your firewall are as follows: enforce a restrictive policy, allow only the traffic “required” for your company to run, and deny all other traffic. If you are asked to allow new traffic through your firewall, err on the side of caution. Deny the request until you have researched and understood the potential security impact of allowing it.

This rule is enforced by default in the ASA/PIX Security Appliance. It comes configured to not let any traffic in from the outside, except as a response to traffic that has been requested from the inside. When you generate access lists, if the requirement is to have web traffic to a web server, make sure you write your access ...
