Back to T4.5.1 - P1 - NETWORK CONTROLS
Network managers should implement controls to ensure the security of information in networks, and the protection of connected services from unauthorized access. In particular, the following items should be considered:
- A. Operational responsibility for networks should be separated from computer operations where appropriate
- B. Responsibilities and procedures for the management of remote equipment, including equipment in user areas, should be established
- C. Special controls may be required to maintain the availability of network services and of the computers connected to them
- D. Management activities should be closely coordinated both to optimize the service to the entity and to ensure that controls are consistently applied across the information processing infrastructure
Further measures can include:
- E. Implement ingress and egress filtering to allow only those ports and protocols with an explicit and documented business need
- F. Restrict access to trusted sites only (whitelists)
- G. Inspect packets on DMZ networks using Security Information and Event Management (SIEM) or log analytics systems
- H. Deploy Sender Policy Framework (SPF) records in DNS and enable receiver-side verification in mail servers
- I. Disable or uninstall unused services
- J. Enable host-based firewalls or port filtering tools on end systems with a default-deny rule that drops all traffic except those services and ports that are explicitly allowed
- K. Regularly scan ports on all key servers, and compare the results to a known-good baseline
- L. Backup and protect firewall, router, and switch configurations
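The baseline comparison in item K, as an added example that is not part of this control text: it parses port-scan output in nmap's grepable (-oG) line format and reports, per key server, open ports with no documented business need, expected ports that are no longer open (an availability signal in the sense of item C), and hosts that appear in the scan but have no baseline entry. The baseline, hosts and scan lines below are constructed sample data, and the function names are my own.

```python
"""Compare port-scan results against a known-good baseline (item K).

Added example, not part of the control text. Scan input is assumed to be
nmap grepable (-oG) output; the hosts, ports and baseline are constructed.
"""
from typing import Dict, Set, Tuple

Port = Tuple[int, str]  # (port number, protocol)

# Constructed baseline: for each key server, the ports that have an
# explicit, documented business need. Anything else open is a deviation.
BASELINE: Dict[str, Set[Port]] = {
    "10.0.0.10": {(22, "tcp"), (443, "tcp")},
    "10.0.0.20": {(22, "tcp"), (25, "tcp"), (587, "tcp")},
}

# Constructed scan output in nmap -oG format. Fields are tab-separated;
# each port entry is port/state/proto/owner/service/rpc/version/.
SAMPLE_SCAN = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 10.0.0.10 ()\tStatus: Up\n"
    "Host: 10.0.0.10 ()\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, "
    "8080/open/tcp//http-proxy///\tIgnored State: closed (997)\n"
    "Host: 10.0.0.20 ()\tStatus: Up\n"
    "Host: 10.0.0.20 ()\tPorts: 22/open/tcp//ssh///, 25/filtered/tcp//smtp///\n"
    "Host: 10.0.0.30 ()\tPorts: 3389/open/tcp//ms-wbt-server///\n"
    "# Nmap done (constructed sample)\n"
)


def parse_grepable(text: str) -> Dict[str, Set[Port]]:
    """Return {host: {(port, proto), ...}} for ports reported as 'open'."""
    open_ports: Dict[str, Set[Port]] = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue
        # Split the tab-separated "Key: value" fields into a dict.
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        host = fields["Host"].split()[0]
        open_ports.setdefault(host, set())
        ports_field = fields.get("Ports")
        if not ports_field:
            continue  # status-only line, no port data
        for entry in ports_field.split(", "):
            parts = entry.split("/")
            port, state, proto = int(parts[0]), parts[1], parts[2]
            if state == "open":  # filtered/closed ports are not deviations
                open_ports[host].add((port, proto))
    return open_ports


def compare_to_baseline(scan: Dict[str, Set[Port]],
                        baseline: Dict[str, Set[Port]]) -> Dict[str, dict]:
    """Report unexpected/missing ports per host, plus hosts with no baseline."""
    report: Dict[str, dict] = {}
    for host, expected in baseline.items():
        observed = scan.get(host, set())
        report[host] = {
            "in_baseline": True,
            "unexpected": observed - expected,  # open but not approved
            "missing": expected - observed,     # approved but no longer open
        }
    for host in scan.keys() - baseline.keys():
        # A scanned host with no baseline entry needs an owner and a review.
        report[host] = {
            "in_baseline": False,
            "unexpected": set(scan[host]),
            "missing": set(),
        }
    return report


def has_deviations(report: Dict[str, dict]) -> bool:
    """True if any host deviates from the baseline in any way."""
    return any(r["unexpected"] or r["missing"] or not r["in_baseline"]
               for r in report.values())


if __name__ == "__main__":
    result = compare_to_baseline(parse_grepable(SAMPLE_SCAN), BASELINE)
    for host, r in sorted(result.items()):
        flag = "" if r["in_baseline"] else " (not in baseline)"
        print(f"{host}{flag}: unexpected={sorted(r['unexpected'])} "
              f"missing={sorted(r['missing'])}")
    raise SystemExit(1 if has_deviations(result) else 0)
```

Run it from a scheduled job against the real -oG file and alert on a non-zero exit; treat "missing" ports as seriously as "unexpected" ones, since they indicate either a service outage or a baseline that has drifted from what is actually deployed.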