So long story short. We need to rekajigger our network design.
In that we also need to update the Firewall rule base to accommodate this, but also clean up our rules as well. (We have over 500 between network and application layer.)
This is a bit new to me, so I'm trying to educate myself on the best way to organize this for a better layout, performance, and less headaches overall. (Whoops, this rule is still getting caught on the catch-all because of routing!!)
Meaning categories? Systems, networks, services?
The current implementation looks like someone had a plan, then abandoned it or someone else took over. It starts out with main, then moves to specific appliances, then back to say protected networks, then random specific vendor/business systems. + Whatever application layer is on top of that. (Mostly for URL/content filtering, but some other specific sites too.)
Using Check Point with most of the bells and whistles. So IPS/IDS, TLSi, limited VPN integration etc.
Thanks in advance.
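One concrete thing you can do before reorganizing a 500-rule base is check it mechanically for rules that can never match (a later, narrower rule sitting below an earlier, broader one, or anything placed below the catch-all) and for sections that have been split into several runs. Below is an added example of such a check; it is not the poster's rulebase and not Check Point's export format or API. It works on a constructed rulebase with hypothetical section names, source/destination networks and services, so you would first have to map your own export into the `Rule` shape.

```python
"""Static sanity check for a firewall rulebase (added example, constructed data).

Finds:
  * shadowed rules: a later rule whose source, destination and service are all
    covered by an earlier rule, so the later rule can never match. If the actions
    agree it is redundant; if they differ it is a conflict (the later intent is
    silently lost, e.g. a permit placed below the catch-all drop).
  * fragmented sections: a section name that appears in more than one contiguous
    run, i.e. the layout lost its plan somewhere.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_network
from itertools import groupby

ANY_NET = ip_network("0.0.0.0/0")
ANY_SVC = ("any", None)          # (protocol, port); matches every service


@dataclass(frozen=True)
class Rule:
    number: int
    section: str
    src: IPv4Network
    dst: IPv4Network
    service: tuple               # e.g. ("tcp", 443) or ANY_SVC
    action: str                  # "accept" or "drop"


def net_covers(outer: IPv4Network, inner: IPv4Network) -> bool:
    """True if every address in `inner` is also in `outer`."""
    return inner.subnet_of(outer)


def svc_covers(outer: tuple, inner: tuple) -> bool:
    """True if service `outer` matches everything service `inner` matches."""
    if outer == ANY_SVC:
        return True
    if inner == ANY_SVC:
        return False
    return outer == inner


def rule_covers(earlier: Rule, later: Rule) -> bool:
    """Earlier rule matches every packet the later rule would match."""
    return (net_covers(earlier.src, later.src)
            and net_covers(earlier.dst, later.dst)
            and svc_covers(earlier.service, later.service))


def find_shadowed(rules: list) -> list:
    """Return (shadowed_rule, shadowing_rule, kind) for each rule that can never match.

    Rules are evaluated top-down, so only earlier rules can shadow a later one.
    """
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if rule_covers(earlier, later):
                kind = "redundant" if earlier.action == later.action else "conflict"
                findings.append((later.number, earlier.number, kind))
                break            # first shadowing rule is enough to report
    return findings


def fragmented_sections(rules: list) -> set:
    """Section names that occur in more than one contiguous run of rules."""
    runs = [name for name, _ in groupby(rules, key=lambda r: r.section)]
    return {name for name in set(runs) if runs.count(name) > 1}


# Constructed rulebase (hypothetical networks, sections and numbering).
RULES = [
    Rule(1, "Management",         ip_network("10.0.99.0/24"), ip_network("10.0.0.0/8"),    ("tcp", 22),  "accept"),
    Rule(2, "Protected networks", ip_network("10.0.0.0/8"),   ip_network("10.0.10.0/24"),  ANY_SVC,      "accept"),
    Rule(3, "Vendor systems",     ip_network("10.0.20.5/32"), ip_network("10.0.10.7/32"),  ("tcp", 443), "accept"),
    Rule(4, "Protected networks", ip_network("10.0.0.0/8"),   ip_network("10.0.10.7/32"),  ("tcp", 23),  "drop"),
    Rule(5, "Cleanup",            ANY_NET,                    ANY_NET,                     ANY_SVC,      "drop"),
    Rule(6, "Vendor systems",     ip_network("192.168.1.0/24"), ip_network("10.0.10.0/24"), ("tcp", 443), "accept"),
]

if __name__ == "__main__":
    for shadowed, by, kind in find_shadowed(RULES):
        print(f"rule {shadowed} is never hit: {kind} with rule {by}")
    for name in sorted(fragmented_sections(RULES)):
        print(f"section '{name}' is split into several runs")
```

In the constructed data, rule 3 is redundant with the broad "protected networks" accept above it, rule 4 is a telnet block that never fires for the same reason, and rule 6 is the classic "still getting caught on the catch-all" case: a permit placed below the any/any drop. The section report flags the two section names that appear in separate runs, which is the layout problem described in the post.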