NSTISSAM_COMPUSEC1-98

NSTISSAM_COMPUSEC1-98 - UNCLASSIFIED NSTISSAM COMPUSEC 1-98...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
UNCLASSIFIED NSTISSAM COMPUSEC 1-98 DECEMBER 1998 THE ROLE OF FIREWALLS AND GUARDS IN ENCLAVE BOUNDARY PROTECTION THIS DOCUMENT PROVIDES MINIMUM STANDARDS. FURTHER IMPLEMENTATION MAY BE REQUIRED BY YOUR DEPARTMENT OR AGENCY. UNCLASSIFIED
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
UNCLASSIFIED National Security Telecommunications And Information Systems Security Committee NATIONAL MANAGER FOREWORD 1. Ensuring system availability, data integrity and privacy, user authentication and transaction non-repudiation for communications and computer systems that comprise the National Information Infrastructure creates a host of Information Assurance (IA) challenges. One of the foremost of these challenges is the need to connect enterprise systems to external systems while protecting against the threat of external penetration with an adversarial goal of obtaining, manipulating or destroying critical information. The purpose of this Advisory Memorandum is to look at two available tools which are a part of the solution to this challenge. 2. Representatives of the National Security Telecommunications and Information Systems Security Committee (NSTISSC) may obtain additional copies of this Instruction from the Secretariat at the address listed below. KENNETH A. MINIHAN Lieutenant General, USAF NSTISSC Secretariat (V503)*National Security Agency*9800 Savage Road STE 6716*Ft Meade MD 50755-6716 (410) 859-6805*UFAX: (410) 859-6814 UNCLASSIFIED
Background image of page 2
UNCLASSIFIED NSTISS ADVISORY AND INFORMATION MEMORANDUM ON THE ROLE OF FIREWALLS AND GUARDS IN ENCLAVE BOUNDARY PROTECTION SECTION I – GENERAL BACKGROUND 1. Enclave boundary protection is one element in an overall “defense-in-depth” strategy for providing Information Assurance (IA) for enterprise systems (i.e., information systems with functional responsibilities; e.g., command and control, administrative, logistics, etc.). Enclave boundary protection requires a combination of security configuration elements to include firewalls and guards, as well as authenticators, encryptors, and virus and intrusion detectors. 2. Firewalls and guards are enclave boundary protection devices located between a local area network, that the enterprise system has a requirement to protect, and a wide area network which is outside the control of the enterprise system. Their primary purpose is to control access to the local area network from the outside wide area network, and to control access from the local area network to the wide area network. In many instances, they are also used within local area networks to provide a level of access control between different sub-networks within the local area network. SECTION II – TECHNICAL BACKGROUND 3. There are three general types of firewalls, a. Packet (or traffic) filtering, b. Application filtering, and a c. Hybrid of both. 4.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 9

NSTISSAM_COMPUSEC1-98 - UNCLASSIFIED NSTISSAM COMPUSEC 1-98...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online