Given the sensitive roles firewalls play in network infrastructure, how they are administered and maintained is critical. One of the most common methods for breaking into a firewall is to take advantage of tools made available for the remote administration of the firewalls. This can include exploiting access to the operating system consoles and or access to graphical management interfaces. For this reason, access to these administrative tools and firewalls administration must be monitored and controlled.
The purpose of this document is to establish procedures and requirements to ensure the appropriate protection and continuous operation of a company’s firewall infrastructure.