3 |
Firewall policy:
-
must support without internal client modifications: telnet, FTP, e-mail (SMTP out, POP3 in), HTTP, HTTPS, NNTP, IRC, RealAudio
-
ICMP (ping, traceroute) allowed from internal host outside; firewall should prevent ping and traceroute from outside
-
Telnet and FTP allowed inbound with strong authentication
-
secure remote administration allowed
-
firewall must prevent IP spoofing attempts
-
the firewall needs logging and reporting mechanisms
|