Auditing nokia firewall
Author: Richard Sokal GSNA, GCIA
Ins titu
©
Richard Sokal
SA
NS
te
Adviser: Dominicus Adriyanto
Accepted: April 24th 2008
20
GSNA Gold Certification
08 ,
AUDITING NOKIA FIREWALL
Au
tho
rr
eta
ins
ful l
1
© SANS Institute 2008, As part of the Information Security Reading Room Author retains full rights.
rig
hts
AUDITING NOKIA FIREWALL
.
Table of Contents
1
Scope of Audit ....................................................................................................................................... 4 1.1 1.2 1.3 Introduction.................................................................................................................................... 4 System Characterization ................................................................................................................ 4 Area of interest............................................................................................................................... 5
2.1 2.1.1 2.1.2 2.2 2.2.1 2.2.2
Firewall capacity and system assurance......................................................................................... 6
Firewall backup and fault recovery.............................................................................................. 17 Risk ................................................................................................................................................... 17 Checklist........................................................................................................................................... 18 Firewall change management compliance ................................................................................... 26
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
2.3 2.3.1 2.3.2 2.4 2.4.1 2.4.2 2.5 2.5.1 2.5.2
Firewall software vulnerability and