There is NO answer to that question. They are obviously firewall ignorant. I assume they are independent auditors? If so, I would consider firing them for such a stupid question. Makes me wonder what else they know nothing about...
Christian Campbell Systems Engineer, Sair LCP, A+, N+, i-Net+ Bruegger's Enterprises Desk: 802-652-9270 Cell: 802-734-5023 Fax: 802-660-4034 Email: ccampbell at brueggers dot com PGP Public Key available via PGP keyservers or http://www2.brueggers.com/pgp/ccampbell.html "We all know Linux is great... It does infinite loops in 5 seconds." -Linus Torvalds > -----Original Message----- > From: Albert Higgins [mailto:[EMAIL PROTECTED] > Sent: Thursday, May 06, 2004 9:44 AM > To: [EMAIL PROTECTED] > Subject: [FW-1] How many rules should a firewall have? > > > Hi, > > Our auditors are in the midst of things, and they want to > know how many > rules a firewall should have. > > I told them that 'it depends'. I said that there is no > specific number > and a good firewall can have 500 rules, while a bad firewall > can have 3 > rules. > > They nonetheless want a specific number and they want me to answer the > following question: > > How many rules should both the perimeter and internal > firewalls of a global > financial services organization have? > > I need to point them to a document or URL. Anyone have a > reference I > could use? > > Thanks!!!! > > _________________________________________________________________ > Watch LIVE baseball games on your computer with MLB.TV, > included with MSN > Premium! > http://join.msn.com/?page=features/mlb&pgmarket=en-us/go/onm00 200439ave/direct/01/ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
