Auditing nokia firewall

Disponible uniquement sur Etudier
  • Pages : 47 (11588 mots )
  • Téléchargement(s) : 0
  • Publié le : 20 avril 2011
Lire le document complet
Aperçu du document
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46

Author: Richard Sokal GSNA, GCIA

Ins titu

©

Richard Sokal

SA

NS

te

Adviser: Dominicus Adriyanto

Accepted: April 24th 2008

20

GSNA Gold Certification

08 ,

AUDITING NOKIA FIREWALL

Au

tho

rr

eta

ins

ful l
1
© SANS Institute 2008, As part of the Information SecurityReading Room Author retains full rights.

rig

hts

AUDITING NOKIA FIREWALL

.

Table of Contents
1

Scope of Audit ....................................................................................................................................... 4 1.1 1.2 1.3Introduction.................................................................................................................................... 4 System Characterization ................................................................................................................ 4 Area of interest............................................................................................................................... 5

2.1 2.1.1 2.1.2 2.2 2.2.1 2.2.2

Firewall capacity and systemassurance......................................................................................... 6

Firewall backup and fault recovery.............................................................................................. 17 Risk ...................................................................................................................................................17 Checklist........................................................................................................................................... 18 Firewall change management compliance ................................................................................... 26

Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46

2.3 2.3.1 2.3.2 2.4 2.4.1 2.4.2 2.52.5.1 2.5.2

Firewall software vulnerability and patch management .............................................................. 27 Risk ................................................................................................................................................... 27Checklist........................................................................................................................................... 28 Firewall operating system vulnerability and patch ma nagement................................................. 30 Risk ................................................................................................................................................... 30Checklist........................................................................................................................................... 30 Privileged account access control ................................................................................................ 35

©

2.6.1 2.6.2

SA

2.6

2.7

Richard Sokal

NS

Risk................................................................................................................................................... 35 Checklist........................................................................................................................................... 35 Firewall rulebase compliance....................................................................................................... 39 2

Ins titu

te

Policy............................................................................................................................................... 26 Checklist........................................................................................................................................... 26

© SANS Institute 2008,

As part of the Information Security Reading Room

20

08 ,

Au

Risk...
tracking img