Enterprise Firewall Best Practices for 2018

Speed and reliability. Those are the primary concerns when it comes to enterprise wireless networks.

I’ll make a slight revision though; speed, reliability, and security.

A successful cyberattack can quickly send a business into a disarray, which is why I argue that every organization worth its salt should invest in a network firewall. It’s not enough to invest in a firewall though. Business should be familiar with some tried and true best practices.

In larger networks, you should let routers do what they do best; route and pass network traffic. While that holds true, there are some exceptions to this rule where you may want to consider implementing some basic router blocking. 

• You shouldn’t consider adding an access control list entry for each individual suspicious IP address, By doing so, you’ll end up with an extensive ACL  This means that your internet router will have to process every individual entry . Additionally, this approach makes it difficult for network managers who will need to determine why each entry was added to the list and whether the entry still needs to be included on the ACL.
• It’s often forgotten that there are a number of vulnerable enterprise devices sitting just outside the firewall. This being said, it’s critical that you implement filters on the router to keep unauthorized users from being able to access the network.

Filter fake IP addresses (bogons)

Team Cymu identifies a bogon prefix as a route that should never appear in the Internet routing table. A packet router over the public internet shouldn’t have a source address in a bogon range. These are commonly found as the source address of DDoS attacks.

If you’re trying to filter out bogons, it’s critical that you keep your filters as up to date as possible. The bogons list can change as unlocated IP addresses are allocated by the Regional Internet Registries.

Default Deny

Firewalls are designed to protect your organization’s asserts. Firewall’s are often thought of as devices that allow in all traffic aside from what you choose to block. A smarter approach would be viewing a firewall as something that blocks all traffic aside from what you choose to let through.

When firewall filtering, you should remember that at some point a new network administrator will step in and have to make sense of your network privileges. That being said, it’s important that you label everything on your network and include a reasons for each network action (try to be as specific as possible!).