08/05/2024 | Press release | Distributed by Public on 08/05/2024 06:12
Last updated August 5th, 2024 by Erez Tadmor
Today's digital business operations sit on a foundation of network security. As cyberattacks increasingly exploit vulnerabilities that give them remote access to systems and networks, managing firewall policies and rules is fundamental to protecting sensitive data.
In the US, the National Institute of Standards and Technology (NIST) sets the guidelines for information security controls. At a high level, the NIST Cybersecurity Framework (CSF) outlines Categories and Subcategories of security controls that organizations should implement.
As you dig deeper into the NIST documentation, you will find that NIST Special Publication (SP) 800-53 revision 5, released in 2020, details lower-level controls. However, for the detailed requirements for implementing firewalls in a compliant manner, SP 800-53 refers to the 2009 document NIST SP 800-41 revision 1, "Guidelines on Firewalls and Firewall Policy."
Many regulations, compliance frameworks, and security standards align with or use NIST to guide their network security posture, including:
These information security standards and regulations act as a baseline for how to mitigate cyberattack risk by implementing robust network security.
This NIST firewall audit checklist can help you understand the key requirements for achieving compliance.
NIST 800-53 defines the security controls necessary for meeting basic cybersecurity hygiene. Across the 492 pages, you can find references to firewalls under the following control categories.
Access Control:
Configuration Management:
Incident Response:
Risk Assessment:
System and Services Acquisition:
System and Communications Protection:
System and Information Integrity:
Despite its 2009 publication date, NIST 800-41 remains the primary guiding document for firewall implementation and management.
After defining the different types of firewalls and network architecture models, the publication summarizes key recommendations:
After identifying these primary considerations, NIST discusses the different firewall policies. Fundamentally, the publication explains that you should build firewalls around your risk management objectives by identifying the traffic necessary for business operations and how to secure it.
When basing your policies on IP addresses and protocols, you should consider the following:
Recommendations for firewall configurations that protect information systems and use IP addresses include blocking:
For TCP and UDP, NIST recommends firewall rules that:
Application firewalls offer an additional security layer and can mitigate malicious traffic risks.
When using an application firewall to shield your application server against DoS, you should:
Outbound application firewalls enable you to better detect and mitigate risky connections. You should use an HTTP proxy because it enables you to:
To mitigate the risk of unauthorized access to resources, you should:
Even NIST notes that crafting firewall rules around network activity is challenging. Some considerations for network activity security policies include having system administrators:
Your firewall software and hardware can pose a security risk, and these need to be treated similarly to other technologies. Some best practices include:
Maintaining your firewall architecture, policies, and software is the most challenging part of NIST compliance. Some best practices include:
Ensuring firewall policies remain effective is critical to network security. As you work to achieve compliance with cybersecurity and information security standards and regulations, you need visibility into security configurations across your on-premises and cloud environments.
Tufin enables you to achieve continuous compliance with automated change management workflows that give you real-time insights into risk, enable rapid remediation, and provide an audit trail.
To learn how Tufin can accelerate your NIST compliance objectives, contact us for a demo.