Article 56 – Firewall Configuration Policy
49130.5 Firewall Administration and Management
-
The following firewall management practices shall be utilized:
-
Configuration of rulesets and policies shall be managed through an internal change management process.
-
Firewall security logs shall be reviewed no less than every six (6) months to detect any unauthorized entry attempts or network anomalies, and shall be retained for a period of one (1) year.
-
All enterprise firewall rulesets shall be reviewed according to documented processes and procedures.
-
All new inbound and outbound connections requiring firewall rulesets to be applied shall have a valid business justification and the approval of the Information Asset Custodian on behalf of the Information Asset Owner.
-
Current security updates, patches, and anti-virus definitions shall be applied in accordance with documented standards, threat intelligence, and product/vendor guidance.
-
Administrative access shall be restricted to authorized and approved Information Asset Custodians and designated security personnel.
-
Access to management and administrative interfaces shall be available only from locations that are deemed appropriate.
-