Project $1$: Server Firewall Configuration

Project Overview: As a lead Cybersecurity Engineer at our software company, you have been assigned the task of configuring the firewalls for two servers in our organization's server farms. The project aims to enhance the security of the Microsoft SQL Database Server and the Web Server by using stateful inspection firewall $($pfSense$)$ to control the network traffic and ensure that only necessary ports are open.

Project Objectives:

Configure the stateful inspection firewall $($pfSense$)$ to restrict access to the Microsoft SQL Database Server $($Windows Server $2019)$ so that only port $1433$ is accessible.

Configure the stateful inspection firewall $($pfSense$)$ to restrict access to the Web Server $($Windows Server $2019)$ so that only port $443$ is accessible.

Expected Outcome:

After configuring the firewall for the Database Server, all ports except port $1433$ should be closed. This will be verified using an Nmap scan.

After configuring the firewall for the Web Server, all ports except port $443$ should be closed. This will also be verified using an Nmap scan.

Project Tasks:

Task $1$: Server Preparation:

Ensure that the Microsoft SQL Database Server $($Windows Server $2019)$ is set up and ready for use, with the assumption that the Database will be installed by the DB Administrator.

Ensure that the Web Server $($Windows Server $2019)$ is set up and ready for use, with the assumption that the application and other configurations will be prepared by the DevOps Engineer.

Task $2$: Firewall Configuration:

Access the pfSense firewall.

Configure firewall rules for the Microsoft SQL Database Server:

Create a rule to allow incoming traffic on port $1433($SQL Server port$).$

Create a default deny rule for all other ports.

Configure firewall rules for the Web Server:

Create a rule to allow incoming traffic on port $443($HTTPS$).$

Create a default deny rule for all other ports.

Task $3$: Verification:

Conduct an Nmap scan to verify that all ports on the Microsoft SQL Database Server are closed except port $1433.$

Conduct an Nmap scan to verify that all ports on the Web Server are closed except port $443.$

Recommended Tools:

pfSense Firewall.

Nmap for conducting port scans.

Two Windows Server $2019$ Evaluation Edition virtual machines.

Virtualization software like VMware or Oracle VirtualBox for hosting the virtual servers.

Kali Linux for conducting network scans $($Nmap$).$

Project Deliverables:

A detailed configuration report for pfSense firewall for both the Database Server and Web Server.

Nmap scan reports showing closed ports for each server as per project objectives.