Question

1 Approved Answer

Posted on Sep 26, 2024

Firewall Assignment Below is a diagram of a simple business setup. There are three firewalls: Main Office Firewall, Branch Office Firewall, and European Office Firewall

image text in transcribed

Firewall Assignment Below is a diagram of a simple business setup. There are three firewalls: Main Office Firewall, Branch Office Firewall, and European Office Firewall The homework is to write some rules, like we did on the board, in a table, for these firewalls. You can use network numbers or physical ports like "etho" in your rules. You can also use "------" to signify "any / all" in a cell of the table. You can use words like "permit" or "allow" as the action to pass traffic, and "block" or "deny" to drop traffic. I'm not picky about the word, as long as it's clear what it means. If you run out of lines in the table, add more to the bottom - the tables are not calculated to have the right number of lines for the number of rules you'll be asked to write! Assume all 3 firewalls are going to need a Default Deny" stance. Also assume that they allow stateful connections. The most helpful document for this assignment is probably the NIST 800-41 document from about page 33 until the end of the chapter.... You can fill out the tables in this document electronically, or print it and fill them out by hand, then scan/photo them to submit them. Firewall 190.22.2.1 192.23 Rosor European Office both Man Office 128.38.2.1 129.2.0.0/16 18.8.1.11 190...10 194.50.20.0/24 Branch Server 192.22.22.00 192.22.2.2 Pre From Free 1 Branch Office Firewall 1. Write a rule(s) to allow the workstation 192.22.22.2 to connect to the Internet. 2. Write a rule(s) to block the Internet from initiating connections to the workstation. 3. Write a rule(s) to allow the workstation 192.22.22.2 to connect to the Main Office. 4. Write a rule(s) to allow the workstation 192.22.22.2 to connect to the European Office. 5. Write a default deny rule blocking traffic from the Internet, if needed, at the bottom of the table. Comment ANSWER TABLE FOR BRANCH OFFICE FIREWALL" Rule Source Source Source Destination Destination Destination Action # Interface Address Port Interface Address Port (permit /deny) 1 2 3 4 5 6 European Office Firewall 1. Write rule(s) to allow the network 194.50.20.0 to connect to the Internet and the Main Office. 2. Write rule(s) to block anything except the Main Office from connecting to the European Office. (in other words, permit the Main Office and deny all others) 3. Write a default deny rule blocking traffic from the Internet, if needed, at the bottom of the table. ANSWER TABLE FOR "EUROPEAN OFFICE FIREWALL" Rule # Comment Source Source Source Interface Address Port Destination Destination Destination Action Interface Address Port (permit /deny) 1 2 3 4 5 6 Main Office Firewall 1. Write rule(s) to allow the network 129.88.0.0 to connect to the Internet and to the European Office. 2. Write rule(s) to allow the Internet to connect to the web server 129.88.1.11 on the standard HTTP and HTTPS web ports. 3. Write rule(s) to allow the Branch and European Offices to connect to the web server 129.88.1.11 on ports 8080 and 8443. 4. Write a default deny rule blocking traffic from the Internet, if needed, at the bottom of the table. ANSWER TABLE FOR MAIN OFFICE FIREWALL" Comment Rule # Source Source Source Destination Destination Destination Action Interface Address Port Interface Address Port (permit deny) 1 2 3 4 5 6 7 8 9 10 11 12 Firewall Assignment Below is a diagram of a simple business setup. There are three firewalls: Main Office Firewall, Branch Office Firewall, and European Office Firewall The homework is to write some rules, like we did on the board, in a table, for these firewalls. You can use network numbers or physical ports like "etho" in your rules. You can also use "------" to signify "any / all" in a cell of the table. You can use words like "permit" or "allow" as the action to pass traffic, and "block" or "deny" to drop traffic. I'm not picky about the word, as long as it's clear what it means. If you run out of lines in the table, add more to the bottom - the tables are not calculated to have the right number of lines for the number of rules you'll be asked to write! Assume all 3 firewalls are going to need a Default Deny" stance. Also assume that they allow stateful connections. The most helpful document for this assignment is probably the NIST 800-41 document from about page 33 until the end of the chapter.... You can fill out the tables in this document electronically, or print it and fill them out by hand, then scan/photo them to submit them. Firewall 190.22.2.1 192.23 Rosor European Office both Man Office 128.38.2.1 129.2.0.0/16 18.8.1.11 190...10 194.50.20.0/24 Branch Server 192.22.22.00 192.22.2.2 Pre From Free 1 Branch Office Firewall 1. Write a rule(s) to allow the workstation 192.22.22.2 to connect to the Internet. 2. Write a rule(s) to block the Internet from initiating connections to the workstation. 3. Write a rule(s) to allow the workstation 192.22.22.2 to connect to the Main Office. 4. Write a rule(s) to allow the workstation 192.22.22.2 to connect to the European Office. 5. Write a default deny rule blocking traffic from the Internet, if needed, at the bottom of the table. Comment ANSWER TABLE FOR BRANCH OFFICE FIREWALL" Rule Source Source Source Destination Destination Destination Action # Interface Address Port Interface Address Port (permit /deny) 1 2 3 4 5 6 European Office Firewall 1. Write rule(s) to allow the network 194.50.20.0 to connect to the Internet and the Main Office. 2. Write rule(s) to block anything except the Main Office from connecting to the European Office. (in other words, permit the Main Office and deny all others) 3. Write a default deny rule blocking traffic from the Internet, if needed, at the bottom of the table. ANSWER TABLE FOR "EUROPEAN OFFICE FIREWALL" Rule # Comment Source Source Source Interface Address Port Destination Destination Destination Action Interface Address Port (permit /deny) 1 2 3 4 5 6 Main Office Firewall 1. Write rule(s) to allow the network 129.88.0.0 to connect to the Internet and to the European Office. 2. Write rule(s) to allow the Internet to connect to the web server 129.88.1.11 on the standard HTTP and HTTPS web ports. 3. Write rule(s) to allow the Branch and European Offices to connect to the web server 129.88.1.11 on ports 8080 and 8443. 4. Write a default deny rule blocking traffic from the Internet, if needed, at the bottom of the table. ANSWER TABLE FOR MAIN OFFICE FIREWALL" Comment Rule # Source Source Source Destination Destination Destination Action Interface Address Port Interface Address Port (permit deny) 1 2 3 4 5 6 7 8 9 10 11 12