In the Check Point manual, the Rule Name is described as the:

> Name used to indicate the significance of the specific rule. Rule Name appears throughout all the applications (for example, SmartView Tracker, SmartReporter, and so on), and offers a clue as to why it is being used.

During our firewall rule reviews, we see different usage of the Rule Name field: the most used value is "" (none, null, void …), then a plethora of strings ranging from "Test" to the lapalissian "Allow rule" (sometimes in conjunction with a drop action).

Is the Rule Name really useless? A reasonable case

Basically, a rulebase consists of a set of rules used to partition the traffic between two areas into channels that are as small as possible, in order to monitor/allow/block the traffic flow. Normally a rulebase may have hundreds of rules, grouped (or not) in higher-level logical blocks reflecting some administrative properties not strictly related to the technical implementation (for example, inbound and outbound SMTP rules are usually placed near each other even when that is not technically necessary).

Typically an organisation uses a management process, with some word/web/paper forms, to justify/document/monitor/create/remove the technical implementation of a rule:

- an application requires communication paths.
- a programmer fills out an order describing the action (add/change/remove) and the src/dst/svc.
- an engineer designs a possible solution.
- an operator technically implements the rule.

Keeping the process synchronized (all parties refer to the same rule) is a necessary step to assure a high quality level of the rulebase. It is also a challenge and a common source of security issues.

Use the Rule Name field to map the technical and the management level, creating a bijection between the rules described in the management process and the technical implementation.

The requirements for the structured Rule Name are:

- must be bijective: give an exact pairing of the elements of order and rulebase.
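The bijection requirement can be checked mechanically during a rule review. The following is an added example, not part of the original post: it assumes the Rule Name holds the identifier of the order that justified the rule, and the `ORD-NNNN` scheme, the dictionary export format and the function names are assumptions made for illustration.

```python
from collections import Counter

def audit_rule_names(rules, order_ids):
    """Return findings that break the one-to-one pairing of orders and rules.

    rules: dicts with 'number' and 'name' (assumed export format).
    order_ids: identifiers of approved orders from the management process.
    """
    orders = set(order_ids)
    named = [(r["number"], (r.get("name") or "").strip()) for r in rules]
    counts = Counter(name for _, name in named if name)
    return {
        # Empty Rule Name: the rule cannot be traced to any order.
        "unnamed": [num for num, name in named if not name],
        # Same name on several rules: the mapping is not injective.
        "duplicated": {
            name: [num for num, n in named if n == name]
            for name, c in counts.items() if c > 1
        },
        # Name matches no order ("Test", "Allow rule", ...).
        "unknown_order": [num for num, name in named
                          if name and name not in orders],
        # Order with no rule carrying its identifier: not surjective.
        "unimplemented": sorted(orders - set(counts)),
    }

def is_bijective(findings):
    """True when every order pairs with exactly one rule and vice versa."""
    return not any(findings.values())

# Constructed sample data; the ORD-NNNN identifier scheme is an assumption.
SAMPLE_ORDERS = ["ORD-0101", "ORD-0102", "ORD-0103"]
SAMPLE_RULES = [
    {"number": 1, "name": "ORD-0101", "action": "accept"},
    {"number": 2, "name": "", "action": "accept"},
    {"number": 3, "name": "Test", "action": "accept"},
    {"number": 4, "name": "Allow rule", "action": "drop"},
    {"number": 5, "name": "ORD-0102", "action": "accept"},
    {"number": 6, "name": "ORD-0102", "action": "accept"},
]

if __name__ == "__main__":
    findings = audit_rule_names(SAMPLE_RULES, SAMPLE_ORDERS)
    for kind, items in findings.items():
        print(f"{kind}: {items}")
    print("bijective:", is_bijective(findings))
```

Each non-empty finding is a point where the management process and the technical implementation have drifted apart and needs either a corrected Rule Name, a missing order, or a rule removal.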