7.8 Firewall PolicyThere should be a written policy stating what services will be allowed in from the Internet and which systems these services should be allowed to. A good starting point is that nothing beyond SSH and possibly SMTP should be allowed in. Even these should only be allowed to systems whose users have specifically requested them, and after verification that these systems seem reasonably secure and up-to-date. |
Top |