Case Project 9-1: Improving a Rule Base
You have accepted a position as network administrator for a law firm. Unfortunately, the previous administrator did not leave much documentation of the network infrastructure and its configuration. You have spent many hours documenting the transmission media, data storage, and device configuration.
You have examined the firewall in an attempt to understand the existing rules and their purpose, and to see whether rewriting the rule base could speed up the firewall's performance and improve security. Table 9-14 shows the notes you have made about the firewall rule base. The firewall works correctly, but some simple changes to the rule base could improve its performance dramatically.
The network has IP addresses from 210.100.101.0 to 210.100.101.255. The firewall is at 210.100.101.1, the Web server is at 210.100.101.2, the DNS server is at 210.100.101.3, the SMTP server is at 210.100.101.4, and the POP3 server is at 210.100.101.5.
You have noted some questions that you need to address as you consider modifying the firewall rule base:
? Which rules cover the same sort of communication?
? Which rules are too far down the list and should be moved up?
? Which rules give the firewall more work than necessary? (Hint: Look in the Track column.)
On a separate piece of paper, create a rule base table. Using as few rows as possible, write a new rule base that addresses the questions in the preceding steps.