Ordering Firewall Rules
Building a rule set is not difficult, but it demands attention to detail, because some rules can be complex. The most important aspect of a firewall rule set is its order. Getting rules out of order causes unexpected and unwanted consequences, such as traffic you want to block, and other unwanted traffic, crossing the checkpoint. Rule-set ordering is critical to the successful operation of firewall security.
Positioning the wrong rule first creates a potential loophole. A loophole is a flaw in the filtering logic that allows an unwanted action to occur. A firewall can perform only the operations for which it is programmed, and the specifics and order of its rules are a form of programming. ...