1. Scope of Work The scope of work for this project is to document and assess firewall infrastructure. This project will include the following tasks:
• Gain an understanding of all perimeter devices. • Assess the configuration of the devices. o Administrative Authentication o Administrative Access o Logging Settings o Logging Servers o Remote Access o Management Server o VPN connections • Assess firewall, network address translation, Site-to-site VPN, and remote access rules. • Make recommendations for any identified issues or gaps in the configuration. • Document the configuration of each device and entire environment. 2. Methodology The methodology used to assess environment will be based on security best practices. The following tasks will be included in the work: • Gain an understanding of the environment. • Review device configuration and architectures. • Perform interviews with Firewall and Network administrators. • Assess the environment based on industry best practices. • Determine issues and gaps by using a risk based approach. 3. Estimated Schedule and Deliverables This project will be based on time and materials for a firewall engineer. The estimated time to complete the work and deliverables below is 3 months. The deliverables are as follows: • Architectural diagrams and documents depicting: o Firewall Environment ? Detailed Visio of all perimeter devices including the physical interfaces. ? Detailed Visio and Table showing the firewalls, management consoles, and logging servers. o Site to Site Connections ? Detailed Visio of all Site-to-Site connections, split out by business partner sites. o Networks Segments ? Document the following: • Internet Connections • Business Partner Connections • DMZs • Internal Networks • Firewall Assessment Report that will include the following topics: o Firewall architecture design gaps. o Firewall and device configuration gaps. o Firewall, VPN, and NAT issues. -- *Thanks & Regards* *Raman M* *REASONSOURCETECH.* -- You received this message because you are subscribed to the Google Groups "Oracle Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/oracle-users. For more options, visit https://groups.google.com/groups/opt_out.
