Standards in Desktop Firewall Policies
If you have ever been involved in managing a host-based firewall solution for your organization then you know what a headache it can be. Possibly the most difficult task is maintaining the desktop firewall policy, so that users are capable of performing their daily work, without the interference that these applications are known to cause.
Security Focus has a great article outlining standards in desktop firewall policies. If you have experience running a program of this nature, or are endeavoring to commence one, then this is a must read.
The idea of a common desktop firewall policy in any size organization is a very good thing. It makes responses to external or internal situations such as virus outbreaks or network-oriented propagation of viruses more predictable. In addition to providing a level of protection against port scanning, attacks or software vulnerabilities, it can provide the organizations local security team a baseline or starting point in dealing with such events.
The trick to a good desktop firewall policy is to provide a balance between security and the networking requirements of the applications needed by the organization. It’s possible the organization may not yet have a complete knowledge of these requirements. This should make the first attempt to define a standard/global policy interesting, depending on the level of protection one is trying to provide and the situation or environment the desktops may be in.
The articles does not talk about the various products available, only about the basic theory behind managing and maintaining a desktop firewall policy. If you are looking towards defense in depth then host-based firewalls might be a good direction to go, which makes this a much more important read than you might have initially though.