web
You’re offline. This is a read only version of the page.
close

IOMG Technical Standards: Firewalls

  • Best practice for data access and traffic control to be forefront to any design
  • Least Privilege will be applied by design
  • Traffic will be blocked by default and only specific traffic allowed
    • Allowed traffic is required to specify source, destination, ports and application where appropriate.
  • Segmentation will be used to enforce controls
  • For Web Application firewalls specific attention will be paid to protection from known web-based attacks in line with the published vulnerability lists
  • All staff with write access to firewalls must hold a valid appropriate professional certification