Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

e Project: Improving a Rule Base Description: You have accepted a position as network administrator for a law firm. Unfortunately, the previous administrator did not

e Project: Improving a Rule Base

Description: You have accepted a position as network administrator for a law firm. Unfortunately, the previous administrator did not leave much documentation of the network infrastructure and its configuration. You have spent many hours documenting the transmission media, data storage, and device configuration. You have examined the firewall in an attempt to understand the existing rules and their purpose, and to see whether rewriting the rule base could speed up the firewalls performance and improve security.

Table 9-14 shows the notes you have made about the firewall rule base.

The firewall works correctly, but some simple changes to the rule base could improve its performance dramatically. The network has IP addresses from 210.100.101.0 to 210.100.101.255. The firewall is at 210.100.101.1, the Web server is at 210.100.101.2, the DNS server is at 210.100.101.3, the SMTP server is at 210.100.101.4, and the POP3 server is at 210.100.101.5.

Table 9-14:

image text in transcribed

You have noted some questions that you need to address as you consider modifying the firewall rule base:

a. Which rules cover the same sort of communication?

b. Which rules are too far down the list and should be moved up?

c. Which rules give the firewall more work than necessary? (Hint: Look in the Track column.)

Using as few rows as possible, write a new rule base that addresses the questions in the preceding steps.

Rule Destination IP ProtocolAction Track Alert None Source IP Comments 210.100.101.1 Deny Blocks access to firewall 210.100.101.0 to Any 210.100.101.255 Blocks network access to Web server using S-HTTP S-HTTP Deny AllowNo 210.100.101.0 toAny 210.100.101.255 HTTP S-HTTP Allows network access to all Web sites AllowLog Allows all computers to access the Web server using HTTP 4 Any 210.100.101.2 HTTP Allow Enables network to make queries to DNS server UDP 210.100.101.0 to 210.100.101.3 210.100.101.255 Allow Any except 210.100.101.0 to 210.100.101.255 Enables DNS server to make lookups on the Internet but not in the network 210.100.101.3 TCP AllowNone 210.100.101.0 to 210.100.101.5 210.100.101.255 Allows network access to POP3 server TCP AllowNone Allows any computer to access the SMTP server Any 210.100.101.4 TCP 9 Deny Cleanup rule

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database Systems Design Implementation And Management

Authors: Peter Robb,Carlos Coronel

5th Edition

061906269X, 9780619062699

More Books

Students also viewed these Databases questions

Question

Differentiate the function. r(z) = 2-8 - 21/2 r'(z) =

Answered: 1 week ago