That statement is too vague. There are no set number of rules they should have. It will depend on an organizations security policy. Security policies vary from organization to organization. Even if they are within the same business. For example, I've worked with large banks here in Canada, and each bank has a different number of rules, as well as different types of rules. It depends on applications, number of VPN's, client access rules and regs, etc. Each company can define things as granular or as vague as they want. But there is no set amount that any organization should have. The number needs to be determined by the experience of the administrator, and corporate security policy.
Hope that helps Rob -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Albert Higgins Sent: Thursday, May 06, 2004 10:14 AM To: [EMAIL PROTECTED] Subject: [FW-1] How many rules should a firewall have? Hi, Our auditors want to know how many rules a firewall should have. I told them that 'it depends'. But they want me to answer the following question: How many rules should both the perimeter and internal firewalls of a global financial services organization have? I need to point them to a document or URL. Anyone have a reference I could use? Thanks!!!! _________________________________________________________________ Mother's Day is May 9. Make it special with great ideas from the Mother's Day Guide! http://special.msn.com/network/04mothersday.armx ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
