The first category, “Policy development and support”, is the simplest to understand. It includes the creation and maintenance of the overall strategy for the network perimeter, as well as the overall rules by which it is operated. Strategy is usually captured in a strategy document (if one does not exist, I strongly recommend that one is documented; I say documented because most organizations know what their strategy is but don’t document it). Based on this basic strategy, supporting policies are then developed to govern the network perimeter. At minimum, the strategy and policies should define the following:
- Purpose of the network perimeter
- Basic architectural design of the perimeter: what each segment of the perimeter should be used for
- A lifecycle for all the documents that support the network perimeter
- Implementation requirements for use of the perimeter (in or out)
- Monitoring requirements of the perimeter (performance and security)
- Reporting requirements of the perimeter
The second category, “Implementation processes”, consists of processes for implementation. These processes must detail:
- The approval process for adding something to the perimeter network
- The technical steps for adding something to the perimeter network
- The technical steps for updating any related devices that support the network perimeter (e.g. firewalls, routers)
- Requirements for monitoring performance of the new addition
- Requirements for reporting security of the new addition
The third category, “Maintenance processes”, consists of processes for maintaining the network perimeter. The maintenance of the network can be viewed at two basic levels. The first level is performance, which consists of processes to ensure that the perimeter is operating effectively and as expected, and to identify areas in need of repair or upgrade.
