Firewall & Security Policy Checklist

  Its important to evaluate your security measures once in a while, try to regularly check your corporate security policies after a major change or before adding a security product to your infrastructure. move on these steps:

• Identify wihich Resources must be secure and which order of priority (Risk Management).
• determine minimum Security needs for WAN connections like:

                 -Employee remote VPN

                 -Office-to-office VPN

                 -Employee and vendor Broadband

                 -Business-to-business access

• The Security team must have quick access to Network Documentation: Network diagrams, trending data, Protocol Utilization, Data points, configuration Documentaion.
• The Security team must know how systems should be restored
• The information disclosure policy must address the following relationship to a security issue:

             -what information is shared?

             -is information shared with others?

             -Mission critical information

• Provide a way of documenting security violation reports, for example: denied access messages,failed passwords, login attempts and attempts to access back doors.
• Provide alternative communication methods for intrusions and penetrations.
• Establish Cycle of updates to secure your computers and changing any security policies.
• Review the legality of your Security policies and procedures.
• Review Lessons learned:

               -Does you Intrusion detection system work?

               -How does your responce procedures work?

               -Do you provide the correct steps to neutralize any threats?

               -What happened? what did not work?

These steps can help you measure your corporate overall security, from the perspective of products, policies, procedures, backup and disaster recovery.

Regards