Provide (2) 150-word substantive responses with a minimum of 1 APA reference each for RESPONSES 1 AND 2 below. The response provided should further discuss the subject or provide more insight. To further understand the responses, below is the discussion post that discusses the responses. 100% original work and not plagiarized. Must meet deadline.
The abbreviation CIA (meaning confidentiality, integrity, and availability) is a pretty clear description of what a firewall should provide to a network. The practices that will help achieve a better state of CIA will ultimately lie in how you configure your firewall. When configuring your firewall, it's a good idea to initially block all traffic by default and then begin authorizing traffic from trusted sources as needed. This lowers the chance of accidentally forgetting to block traffic from a specific network. Another good practice to have with firewalls is to update their configurations regularly. This allows you to make changes to the configurations as needed as well as make sure that no unauthorized changes have been made.
As for the daily logging required by the CISO, I think the firewalls offered by WatchGuard would be the best choice. They not only allow live monitoring of network traffic but they also include in-depth logging that can be organized and viewed on multiple levels so as to make the information easier to understand. It is a next-gen firewall that includes the benefits of the packet filtering, circuit-level gateway, and stateful inspection firewall. Like most next-gen firewalls, it also includes an IPS, furthering the security measures.
Managing a firewall of this caliber can be a daunting task, as it is more geared towards those who are more tech savvy. Updates are pushed by the manufacturer but may still require action from the user to install them. As I mentioned earlier, regularly checking and changing the configurations is going to be a core part of managing this firewall.
The CIA Triad stands for Confidentiality, Integrity and Availability. It is a bit like a three-legged stool. If one part of the triad is lacking, the rest of it comes tumbling down. Firewall best practices must ensure all three remain standing. This includes protecting sensitive data, keeping the system and all devices running, and blocking threats so that no compromises can enter the system (Gault, 2015). For instance, if a firewall is not doing its job, and the system is infected by a denial-of-service attack or other network intrusion, that will prevent access by legitimate users, aka Availability. This also bleeds over to Integrity, because the system is not running as it should, and is compromised. Firewall rules must further adhere to the requirements of the organization, and block/allow traffic pending the “security” or Confidentiality, aka need-to-know of employees, etc.
To be successful with achieving the CIA triad, firewall rules must be paired with logging, which records details on IP addresses, ports, and overall network activity. Logs are beneficial in detecting nefarious activity and remedying any problem as quickly as possible. In this case, the best firewall to support detailed logging (and the most fiscally responsible) would be the built-in Microsoft Windows firewall (Exabeam, n.d.). With a few somewhat simple steps, a user can modify the properties so that it logs traffic and creates a “pfirewall.log” file in the directory. The logs record the time and date of connections, whether each was approved or denied, the type of connection, IP, and packet direction. Managing this software firewall type is simple, as it is updated as Microsoft software patches and updates are pushed. This solution is geared towards a small organization or home office but is still extremely useful in detecting suspicious activity.
Exabeam (n.d.). The Significance and Role of Firewall Logs. Exabeam. Retrieved 09 March 2021, from https://www.exabeam.com/siem-guide/siem-concepts/firewall-logs/
Gault, M. (20 December 2015). The CIA Secret to Cybersecurity That No One Seems To Get. Wired. Retrieved 09 March 2021, from https://www.wired.com/2015/12/the-cia-secret-to-cybersecurity-that-no-one-seems-to-get/