Need a discussion answer and replies for two discussions
Ramanuja Charya Govardhanam
Week 10 Discussion
Top of Form
The firewall evolution criteria developed in the organization helps in protecting the important information that is saved in the system. Every organization adopts a firewall in securing the information. The firewall helps the organization in guiding them to success. The firewall helps in analyzing all the information that is stored in the system. The firewall evolution criteria enable the employees in a company to work with collaboration, which brings all the employees together and achieve their goals. The firewall evolution criteria also help in promoting innovation. The business organization uses firewall evolution criteria to gather a large amount of information from anywhere by using any compatible device. The firewall evolution criteria use static filtering which examines some specific elements which include source and destination (Lee & Yang, 2017).
A firewall is a network device, which is designed to protect the system from harmful files, network traffic, and virus-infected software. It acts as a barrier and sorts out the harmful network according to pre-established rules. The firewall evolution criteria block and filter the spread of harmful files and keep the system virus-free. The main purpose of the firewall evolution criteria is to reduce or eliminate unwanted network communication and allow safe files to work freely. In the IT environment, the firewall evolution criteria play a crucial role. The firewall evolution criteria carefully analyze all the incoming files and filter the files which come from an unsecured source and prevent the system from infecting the virus. It acts as a guard against incoming traffic at the computer's entry point and monitors incoming and outgoing network services (Ghorbani et al., 2019).
References
Lee, H. Y., & Yang, H. S. (2017). Construction of Security Evaluation Criteria for Web Application Firewall. Journal of digital Convergence, 15(5), 197-205.
Sharafaldin, I., Lashkari, A. H., & Ghorbani, A. A. (2019). An evaluation framework for network security visualizations. Computers & Security, 84, 70-92
Mahmood Hussain
Bottom of Form
Discussion- 10
Top of Form
Every organization shall look into the effectiveness of its security operations, likewise the firewall which is an important tool for the security of an organization shall be evaluated on regular intervals to check its weak point and areas to work on, the changes in the firewall is unavoidable, it is the process which makes the firewall rules to remain and improves its strength in terms of securing the network. On the other hand, if these changes in firewall is not well planned then they can lead to a gaping hole for the security of network. So a good well-organized change in firewall should include, a thorough and detailed plan about the changes and its goals, and listing the total possible risk factors if these changes takes place, and the last but not the least should be audit trails for all the changes made, which should also include why, who made the changes with the outcome or result of the change.
Planning consistent firewall security audits, this process ensures the firewall rules are compatible with the organizations security guidelines, firewall changes occurred due to error or unauthorized behavior can lead to non-compliance, and risk of exposure to a different network or misconfiguration.
It is always a good practice to have a centralized management of firewalls from different vendors, most of the organization prefer having firewalls from different vendors to increase the security, for example a cisco firewall have a features of setting the rules that can be implemented on entry and exit points of traffic along with the controlling of NAT, whereas Juniper Netscreen firewall gives the ability to set the rules according to the initiating and destination zone. Besides this regular updating of firewall software and monitoring who can access the firewall update, edit and modification shall be included in the list besides crackdown and augment firewall rule base. I believe these practices in my organization avoids most of the network security issues but the scope for improvement it does exist, and I believe the other evaluation criteria which needs to be implemented to strengthen the firewall rules and security should include, more scrutinized on the no-exceptions policy, when traffic flows, it needs to be through multiple firewalls and shall flow according to the guidelines set, besides this the restrictions for internet access for the employees should be minimal when they connect for their personal use, as it’s the biggest risk associated to malware, social engineering and attempts of intrusions.
Reference :-
M, S. P. Kumar., & D, Haritha. (2018). Secure SCADA Firewall Autmation and Implication for Best Practices. International Journal of Computer Sciences and Engineering, 6(7), 179–190. https://doi.org/10.26438/ijcse/v6i7.179190
Firewall: A Security Point of a Network. (2015). International Journal of Science and Research (IJSR), 4(12), 1568–1570. https://doi.org/10.21275/v4i12.nov152325