Installation guide

Many ISPs offer fully managed multi-tier firewall services. However, while you may rely on your ISP to
provide a network firewall service, you may choose to provide your own LAN and personal firewalls. If you
are planning to rely solely on your own firewall/s, you need to be confident that you have chosen the right
firewall product and that you know how to properly configure and manage the firewall. You should also be
aware that some applications, such as video conferencing and Voice Over Internet Protocol (VOIP), may
not work ‘out of the box’ through your firewall.
Be prepared to continually manage your firewall configuration, making changes to the filtering rules to
accommodate new applications as necessary, upgrading software and firmware with vendor patches to
address any vulnerability in the firewall, and monitoring log files for signs of attacks.
Firewall implementation issues
Security versus functionality
Implementation and secure configuration of a firewall may impact on the delivery of some application
services. While a firewall will not limit your ability to allow any services into your network, some services
may use less than secure protocols. By allowing these to pass through the firewall you may greatly
diminish its effectiveness. Typically, applications that deliver file transfers, such as Pathology, may use less
than secure protocols like FTP (File Transfer Protocol). Configuring your firewall to enable such applications
may open up your network to attack through these protocol services.
If your secure firewall configuration is not enabling applications to pass through, you can seek support from
the application supplier and a network security expert. Firewall configuration rules may be modified to allow
the required application protocols to be accepted, or accepted from an authorised address, or in a particular
network direction, so as not to compromise your network.
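
The narrowing described above, as an added example that is not part of the original guide: a small Python model of a first-match, default-deny filter that compares a rule admitting FTP from anywhere with one limited to an authorised address and direction. The addresses, rule fields and function names are constructed for illustration and do not correspond to any firewall product.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    direction: str         # "in", "out" or "any"
    source: str            # CIDR the packet's source address must fall in
    dport: Optional[int]   # destination port; None matches any port

@dataclass(frozen=True)
class Packet:
    direction: str
    src: str
    dport: int

def decide(rules, pkt):
    """Return the action of the first rule that matches; deny if none does."""
    for r in rules:
        if r.direction not in ("any", pkt.direction):
            continue
        if ip_address(pkt.src) not in ip_network(r.source):
            continue
        if r.dport is not None and r.dport != pkt.dport:
            continue
        return r.action
    return "deny"

# Constructed addresses from documentation ranges (assumptions, not real hosts).
LAB = "203.0.113.10"        # the authorised pathology provider
STRANGER = "198.51.100.7"   # any other Internet host
LAN_PC = "192.168.1.20"     # a workstation inside the practice

# Only the FTP control port (21) is modelled; FTP data connections are out of scope.
BROAD = [Rule("allow", "any", "0.0.0.0/0", 21)]    # FTP from anyone, either direction
NARROW = [Rule("allow", "in", LAB + "/32", 21)]    # FTP inbound from the provider only

SAMPLES = [Packet("in", LAB, 21), Packet("in", STRANGER, 21), Packet("out", LAN_PC, 21)]

def compare(packets=SAMPLES):
    """Return (source, direction, broad decision, narrow decision) per packet."""
    return [(p.src, p.direction, decide(BROAD, p), decide(NARROW, p)) for p in packets]

if __name__ == "__main__":
    for row in compare():
        print("%-14s %-3s broad=%-5s narrow=%s" % row)
```
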
Alternatively, the application may require an insecure configuration of your firewall. The best advice in this
case is to either work with the application vendor to modify the application to provide a secure firewall
friendly transfer mechanism, or change to an application that does not require insecure configuration.
Do you have the necessary IT skills in-house?
Recently, the network security institution SANS added a ‘bonus’ number 11 to its list of the worst mistakes by
IT people that lead to security breaches: ‘Allowing untrained, uncertified people to take responsibility for
securing important systems’.
It is critical that you involve someone with adequate security experience when purchasing and setting up
security for your practice computer system/s.
Setting up a firewall always requires basic (inter)networking knowledge. While this tutorial can help you
understand more about firewalls and take you through the steps involved, you will still require the
appropriate networking and IT security expertise to properly protect your computer system.
If your practice has no skilled IT person on the staff, this tutorial may still act as a guideline for hiring
professional IT staff and/or services, and as a checklist for specifying the work that needs to be done.