IAB Interactive Standardized Equipment List   return to main tree

Search Interactive SEL:




Last Updated: 10/18/2015 2:46:57 PM

Previous SEL Number: 05NP-00-FWAL

Description: Firewall (software or standalone appliance) for use in protecting networks. See also 05HS-00-PFWL.

ImportantFeatures: May implement simple filtering, or may include other functions such as malware protection (e.g., virus scanning) or application proxies.

Operating Considerations: See NIST

National Institute of Standards and Technology

SP 800-36 and SP 800-41 for guidance.
Third-party professional security audit of network recommended to ensure proper deployment.
Should reflect organization's written policy on connectivity and permitted traffic.
Must be capable of both inbound and outbound filtering.
Most effective when combined with appropriate router configuration/filtering. See 04HW-03-ROUT.

Training Requirements: Core Training: Per Manufacturer's Specifications
Initial Training: Extensive (> 2 days)
Sustainment Training: Extensive (> 2 days)

Mandatory Standards:

Applicable Standards and References:

NIST SP 800-036, Guide to Selecting Information Security Products, Oct 2003 (WITHDRAWN, still available.)

NIST SP 800-041, Revision 1, Guidelines on Firewalls and Firewall Policy, Sep 2009

NIST SP 800-047, Revision 1, Managing the Security of Information Exchanges, Jul 2021

NIST SP 800-083, Revision 1, Guide to Malware Incident Prevention and Handling for Desktops and Laptops, July 2013

NIST SP 800-092, Guide to Computer Security Log Management, Sep 2006

NIST SP 800-171 Rev. 2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, Updated 1/28/21

MSSL:

Law Enforcement: Forensic Technician

Law Enforcement: Maritime

Law Enforcement: SWAT/Tactical Team

Medical: Point of Dispensing