Standard and Process
Configure the firewall to deny all network traffic and applications by default. Use the appropriate configuration management tools to allow specific network traffic or applications on a case-by-case basis. See the Log Management Standard for firewall log requirements.
Desktops, laptops, servers, and mobile devices should use the operating system's built-in firewall or other software firewall.
The device firewall (e.g. port or IP address filtering) must be used to help protect the computer/device while on the network. The device firewall is often an application that protects an individual host (e.g., personal computer, smartphone, server) and can be a feature of the device operating system. When using your device, periodically check that the device firewall is turned on. Device firewalls can be, and often are, used jointly with network firewalls.
Maintain a general document that classifies applications and traffic and explains the need and use for access to the device or network.
Where documentation is required, maintain detailed documentation of the requirements and business justification for each rule. Periodically review the documentation and firewall ruleset to ensure that the rules are still needed and are correctly implemented. Document all reviews and changes to the firewall ruleset. Follow the appropriate change control process for firewall rule changes.
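The following Python script is an added example and is not part of this standard or any university tooling. It ties the requirements above together: every allowed flow is kept in an inventory that records its business justification and last review date, the inventory is checked for entries that are missing a justification or are overdue for review, and a host firewall ruleset (nftables syntax) is rendered with a deny-by-default policy and one explicit accept per documented rule. The one-year review interval, the rule names and the sample inventory are constructed assumptions, not values the standard specifies.

```python
"""Generate a default-deny host firewall ruleset from a documented allow-list.

Added example, not part of the university standard. Assumptions: rules live in
a simple inventory carrying the justification and review date the standard
requires; REVIEW_INTERVAL (365 days) is a constructed review cadence.
"""
from dataclasses import dataclass
from datetime import date, timedelta

REVIEW_INTERVAL = timedelta(days=365)  # assumed cadence; the standard only says "periodically"


@dataclass(frozen=True)
class Rule:
    name: str            # short label, emitted as the nft rule comment
    proto: str           # "tcp" or "udp"
    port: int            # destination port opened on the host
    source: str          # CIDR allowed to reach that port
    justification: str   # business justification required by the standard
    last_reviewed: date  # date of the last documented review


def validate(rules, today):
    """Return a list of problems found in the inventory (empty list means clean)."""
    problems = []
    for r in rules:
        if not r.justification.strip():
            problems.append(f"{r.name}: missing business justification")
        if today - r.last_reviewed > REVIEW_INTERVAL:
            problems.append(f"{r.name}: review overdue (last reviewed {r.last_reviewed})")
        if r.proto not in ("tcp", "udp"):
            problems.append(f"{r.name}: unsupported protocol {r.proto!r}")
    return problems


def render_nftables(rules):
    """Render an nftables input chain: policy drop, then one accept per documented rule."""
    lines = [
        "table inet host_fw {",
        "  chain input {",
        "    type filter hook input priority 0; policy drop;",  # deny everything by default
        "    ct state established,related accept",              # replies to traffic we initiated
        "    iif lo accept",                                    # loopback is always permitted
        "    ct state invalid drop",
    ]
    for r in rules:
        lines.append(
            f'    ip saddr {r.source} {r.proto} dport {r.port} accept comment "{r.name}"'
        )
    lines += ["  }", "}"]
    return "\n".join(lines) + "\n"


# Constructed sample inventory: two documented rules and one that fails review.
SAMPLE_RULES = [
    Rule("ssh-admin", "tcp", 22, "10.0.0.0/8", "Remote administration by IT staff", date(2014, 11, 1)),
    Rule("https", "tcp", 443, "0.0.0.0/0", "Public web service", date(2014, 11, 1)),
    Rule("legacy-app", "tcp", 8080, "10.1.2.0/24", "", date(2012, 3, 1)),
]

if __name__ == "__main__":
    issues = validate(SAMPLE_RULES, date(2014, 11, 15))
    for issue in issues:
        print("REVIEW:", issue)
    # Only a clean inventory should be turned into a live ruleset.
    if not issues:
        print(render_nftables(SAMPLE_RULES))
```

Running the script against the constructed inventory reports the `legacy-app` entry twice (no justification, review overdue) and withholds the ruleset until the inventory is fixed; with a clean inventory the rendered text can be written to a file and loaded with `nft -f`, and the standard's "check that the firewall is turned on" step maps to confirming that `nft list ruleset` still shows the `policy drop` chain.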
- Device Firewall Tools
- Installation and configuration management
Document Owner: University Information Security
Document Approvers: Brian Dahlin, Chief Information Security Officer; Patton Fast, University Enterprise Architect
Effective Date: August 2010
Last Reviewed Date: November 2014