The main objective of the Firewalls Administration Procedure is to provide clear rules and guidelines for the design, operation and support of firewalls within Company.
This document is necessarily high level and aims to be largely technology independent. Specific technology instructions will be referenced as external resources to this document.
The detailed design of firewall gateway architecture is outside the scope of this document. Also, the subject of personal firewalls, typically deployed on desktop PC’s or laptops, is not included here.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3.1 FIREWALL SECURITY STANDARDS
3.2 FIREWALL MONITORING
3.3 CHANGE CONTROL AND MANAGEMENT
3.4 FIREWALL HOST SECURITY
4. RESPONSIBILITIES MATRIX / TASK DETAILS
4.1 CHANGE CONTROL AND MANAGEMENT
4.2 FIREWALL HOST SECURITY
4.3 USER MANAGEMENT
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
The Public Cloud Security Standard (the Standard) establishes security requirements and controls to maintain the Confidentiality, integrity, and availability of the Company’s data in the public cloud.
The objective of vulnerability and patch Management process is to keep the components that form part of information technology infrastructure (hardware, software and services) up to date with the latest patches and updates.