Step-by-Step Guide: Configuring Firewalls for Network Security

by douderam99 in Teachers > University+

143 Views, 2 Favorites, 0 Comments

Step-by-Step Guide: Configuring Firewalls for Network Security

Screenshot 2024-10-13 at 8.13.13 PM.png

This guide will help you configure basic network security on a firewall using a simple 8 step process. Whether you're using Windows Defender, Fortinet, Palo Alto, or any other firewall system, these instructions will walk you through securing your network efficiently. Let’s get started!

Supplies

Screenshot 2024-10-13 at 8.14.55 PM.png
  1. Windows Defender was from the first screenshot, where we accessed the firewall settings.
  2. Fortinet, Palo Alto, CheckPoint appeared in subsequent screenshots, showing different network firewall configurations.
  3. Security Event Manager was visible in the image where you monitor logs and network activity.
  4. Sophos was used to test firewall policies, as shown in one of the images.

Access Firewall Settings

Screenshot%202024-10-11%20at%2010.50.38%20PM.png

Access your system’s firewall settings by navigating to the Control Panel. For Windows users, go to Control Panel > Windows Defender Firewall. From here, you can manage network settings for both Private and Public networks. The image shows how you can see which networks are connected and adjust rules.


Why it’s important: Proper access to firewall settings is crucial to managing network security. This is where you establish the foundation of your firewall configurations.



Set Basic Firewall Rules

Screenshot 2024-10-13 at 7.23.30 PM.png

In a Fortinet system, after accessing the firewall dashboard, create new firewall rules. In this example, rules like GlobalTestACL or AntiScan are configured to reject certain types of traffic, while others like test5 are accepted.

You can configure source and destination addresses along with specific services.

Why it’s important: These basic rules determine what types of traffic are allowed or blocked. Rejecting unauthorized traffic or malware scans protects the network from malicious attacks.

Create and Manage Zones

Screenshot 2024-10-13 at 7.30.59 PM.png

Using Palo Alto Networks, you can create trusted and untrusted zones to segregate network traffic. Assign specific interfaces to these zones to route traffic securely.

You can also include or exclude specific IP ranges in these zones, as shown in the User Identification ACL section.

Why it’s important: Zones allow you to categorize parts of your network based on trust level, separating potentially unsafe external traffic from critical internal network functions.


Configure Network Objects

Screenshot 2024-10-13 at 7.43.35 PM.png

In CheckPoint or similar systems configure Network Objects by adding hostnames, address ranges, or specific types of networks.

For example, you may create objects for an internal host or a range of IP addresses that need to be allowed or denied from accessing the network.

Why it’s important: This step lets you define what addresses are recognized by your firewall enhancing control over which IPs or network ranges have access to your network resources.

Monitor Traffic and Event Logs

Screenshot 2024-10-13 at 7.49.53 PM.png

Use monitoring tools like Security Event Manager to track network health, node performance, and login attempts. You can see real time stats on traffic, node activity, and failed logins. The dashboard gives detailed insights into system health and events helping you analyse logs and adjust firewall settings as needed.

Why is it important: Continuous monitoring helps detect unauthorized access or unusual traffic that could signal a security breach. Reviewing logs regularly keeps the network secure and reliable.

Test Firewall Policy

Screenshot 2024-10-13 at 8.00.36 PM.png

After setting your firewall rules, use a tool like Sophos to test them. Enter a URL or IP to check if the firewall is correctly blocking or allowing traffic. Testing firewall rules ensures your security setup works and that the firewall handles intrusions or legitimate traffic properly.

why is it important: Testing firewall rules helps verify that your security settings work correctly making sure your firewall blocks intrusions and allows legitimate traffic as intended.

Review Firewall Activity

Screenshot 2024-10-13 at 8.07.17 PM.png

Review detailed reports on firewall activity, including blocked/allowed traffic and protocol-based events. This helps identify trends over time and optimize firewall settings based on real traffic data.

The dashboard in the image shows data like Top Firewall Events by Protocol and specific events blocked based on TCP/UDP rules.

why is it important: Reviewing activity helps ensure your firewall works well and guides rule changes based on real traffic patterns.



Screenshot 2024-10-13 at 8.10.35 PM.png

Regularly upgrade your firewall policies, as shown in Azure Firewall Manager. After creating new policies or making changes, you can upgrade and apply those settings to ensure your network is protected with the latest configurations and patches.

Why it’s important: Regularly upgrading your firewall is critical to patching known vulnerabilities and ensuring your system uses the latest security configurations.