Skip to content

Firewall Policy

Answered by: 

Question: 
Our external auditor has requested that we create a firewall policy. I certainly wouldn't know where to begin. Does anybody have or know where I can get a template for a firewall policy?
Answer: 

I don't know enough about it to write a policy. You need to work very closely with your IT folks so that you know what you want to block, what you want to allow through and what your systems can handle. Failure to do it right can either expose you to risks, or tie the hands of your employees.

I would suggest you consult sites such as Zone Alarms (zonelabs.com as I recall) and others commercially available and inquire with them. While they would present something which may be one-sided, you may get enough from them to do a good job with this. Also, look at the FFIEC and your regulators IT exam procedures and reference materials, then you'll also have the minimum requirements.

First published on BankersOnline.com 11/15/10

First published on 11/15/2010

Filed under: 
Filed under security as: 

Search Topics