08-28-2014 01:14 PM - edited 03-11-2019 09:41 PM
This question is about best practices regarding firewalling personally identifiable information such as health records (please see attached image). This scenario assumes the use of Cisco ASA 5500 firewalls.
If the majority of cyber attacks happen from within an organization, is it more important to give the "internal" interface a higher security level (higher level of trust) than the DMZ interface that connects to customer information, or should the internal interface have a lower security level? I have included a visual depiction of this scenario in my attached document. I would like to know what others are doing to firewall critical information. Would an organization be remiss in not assigning the data servers the highest level of security while assuming that the internal network should be the most secure? Any insight into this question would be appreciated. Thanks!
08-28-2014 11:36 PM
Hi Mike,
Security-level will not play a crucial role when you have other filtering mechanisms in place. If you have ACLs allowing certain access on the respective interfaces, the ASA will allow traffic by looking at the ACL, NAT, and inspection. So security-level is not a big challenge. Moreover, the inside interface requires a higher sec-level than anything else; that is for protecting against outside hackers getting into the internal system.
But that makes no difference when you have other security configurations in place to filter for permit/deny access.
Regards
Karthik
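The point made in the reply above, shown as an ASA configuration sketch (an added example, not part of the original thread): the security level only sets the default between interfaces, while an interface ACL decides what actually reaches the data servers. Interface names, addresses, the port and the ACL names are constructed assumptions.

```cisco
! Constructed example: names, addresses and ACL names are assumptions.
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 203.0.113.2 255.255.255.0
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.1.1.1 255.255.255.0
!
interface GigabitEthernet0/2
 nameif data
 security-level 50
 ip address 10.2.2.1 255.255.255.0
!
! With no ACL on "inside", the ASA permits all inside (100) -> data (50)
! traffic by default, because it flows from a higher to a lower level.
! An inbound ACL on "inside" replaces that default with explicit rules
! and ends in an implicit deny.
!
! Only the application servers may reach the records server, on HTTPS only.
access-list INSIDE_IN extended permit tcp 10.1.1.32 255.255.255.240 host 10.2.2.10 eq 443
! Every other internal host is denied to the data segment, and logged.
access-list INSIDE_IN extended deny ip any 10.2.2.0 255.255.255.0 log
! Remaining internal traffic (for example to outside) is still allowed.
access-list INSIDE_IN extended permit ip any any
access-group INSIDE_IN in interface inside
!
! The data segment initiates nothing. Replies to permitted connections
! are still returned by stateful inspection.
access-list DATA_IN extended deny ip any any log
access-group DATA_IN in interface data
!
! Check the result from the ASA CLI with a simulated packet from an
! ordinary internal host (expected result: dropped by INSIDE_IN):
! packet-tracer input inside tcp 10.1.1.50 12345 10.2.2.10 443
```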