
Firewall Rules for Network Security: Accessing, Mitigating Virus Attack, VPN Access, VLAN Access, Blocking RFC 1918

   

Added on 2023-06-11

FIREWALL RULES
Name
Date of Submission
Subject
1. Accessing a network remotely using SSH connections:
SSH listens on TCP port 22 by default, so my rule is based on that port for both inbound and outbound traffic. Since access is needed from one party only, I restrict the source to a specific IP address or subnet, as shown below (Carman, 2010).
The firewall rules to enable this are:
$ sudo iptables -A INPUT -p tcp -s 150.140.130.0/29 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
$ sudo iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
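As an added example (not part of the original assignment), the following Python audits an iptables-save style ruleset for the property the two rules above are meant to enforce: that TCP port 22 is only accepted from a named source subnet. The sample ruleset is constructed here and includes one deliberately over-broad rule so the audit has something to flag.

```python
import ipaddress
import shlex

# Constructed sample ruleset (iptables-save format). The first INPUT rule mirrors the
# /29 restriction above; the second accepts SSH from anywhere and should be flagged.
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -s 150.140.130.0/29 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
"""

# iptables options this audit tracks, mapped to the field they populate
OPTS = {"-A": "chain", "-p": "proto", "-s": "src", "--dport": "dport", "-j": "target"}

def parse_rule(line):
    """Turn one '-A CHAIN ...' line into a dict of the tracked options."""
    toks, rule, i = shlex.split(line), dict.fromkeys(OPTS.values()), 0
    while i < len(toks):
        key = OPTS.get(toks[i])
        if key is None:                  # untracked token (-m, conntrack, --ctstate, ...)
            i += 1
            continue
        val = toks[i + 1]
        if key == "src":
            val = ipaddress.ip_network(val, strict=False)
        elif key == "dport":
            val = int(val)
        rule[key] = val
        i += 2
    return rule

def ssh_accept_rules(text, port=22):
    """INPUT rules that ACCEPT TCP traffic to the SSH port."""
    rules = [parse_rule(l) for l in text.splitlines() if l.startswith("-A ")]
    return [r for r in rules if r["chain"] == "INPUT" and r["proto"] == "tcp"
            and r["dport"] == port and r["target"] == "ACCEPT"]

def unrestricted_ssh(text):
    """SSH accept rules with no source filter (or a 0.0.0.0/0 one): the ones to fix."""
    return [r for r in ssh_accept_rules(text) if r["src"] is None or r["src"].prefixlen == 0]

def ssh_allowed_from(text, addr):
    """True if some source-restricted SSH rule covers the given address."""
    ip = ipaddress.ip_address(addr)
    return any(r["src"] is not None and ip in r["src"] for r in ssh_accept_rules(text))

if __name__ == "__main__":
    print("unrestricted SSH rules:", [r["chain"] for r in unrestricted_ssh(SAMPLE_RULES)])
```

Run it against the output of `iptables-save` on a host to check that no SSH accept rule lacks a source restriction.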
2. Firewall rule to mitigate a virus attack on a network.
To do this, the firewall divides the network into zones: trusted and least-trusted. The least-trusted zones are the ones that may be infected and need to be checked. This is achieved with the firewall and a cloud tool called WildFire: we write a rule that sends files to WildFire for virus scans (Stallings, 2009). To use the firewall's WildFire service you need an account with the WildFire cloud, to which one logs in.
WildFire end:
a. Select Device > Setup > WildFire and edit the settings.
b. Use the private WildFire services and define the file size for the files the firewall forwards.
c. Save.
Firewall end:
Enabling the firewall to get WildFire signatures:
a. Select Device > Updates and enable the WildFire-500 appliance.
Then attach the virus profile for the scan.
Rules:
test security-policy-match source <source subnet/IP> destination <destination subnet/IP or router IP> application dns protocol 17 destination-port 53

"Network Infrastructure" {
    from users;
    source any;
    source-region none;
    to Data_Center;
    destination any;
    destination-region none;
    user any;
    category any;
    application/service dns/any/any/any;
    action allow;
    icmp-unreachable: no
    terminal yes;
}
3. Firewall rules to permit VPN access to the corporate network.
On the corporate network (Tankard, 2009):
Creating an IP object;