Given the sensitive roles firewalls play in a network infrastructure, the manner in which they are administered and maintained is critical. One of the most common methods for breaking into a firewall is to take advantage of tools made available for the remote administration of the firewalls. This includes exploiting access to the operating system consoles and or access to graphical management interfaces. For this reason access to these administrative tools and firewalls administration must be monitored and controlled.
This policy establishes procedures and requirements to ensure the appropriate protection and continuous operation of a company’s firewall infrastructure.