Firewall Requirements for ISO 27001

In this article, you will discover:

  • What ISO 27001 and firewalls are
  • Types of firewalls
  • Firewall requirements for ISO 27001

What is ISO 27001?

ISO 27001 is the globally recognized standard for information security management systems (ISMS), providing companies of any size and from all sectors with a systematic and structured approach to managing and protecting sensitive information. 

It employs a Plan-Do-Check-Act (PDCA) cycle and provides a framework for organizations to:

  • Identify and assess information security risks
  • Implement controls to mitigate those risks
  • Monitor and review the effectiveness of those controls on an ongoing basis

More information about ISO 27001 can be found in this article.

What is a Firewall?

A firewall serves as a network security tool, overseeing both incoming and outgoing network traffic and determining whether to permit or block specific traffic based on predefined security rules. 

With a history spanning more than 25 years, firewalls serve as the primary defense mechanism in network security, creating a boundary between secure internal networks and potentially untrustworthy external networks like the Internet. 

Firewalls can take various forms, including hardware, software, software-as-a-service (SaaS), and deployment in public or private clouds.

Benefits of Firewalls:

  • Monitors Network Traffic: Firewalls analyze network traffic to enforce rules and filters, enabling proactive management of system protection.
  • Stops Virus Attacks: By controlling system entry points, firewalls prevent harmful viruses from infiltrating and causing potential damage.
  • Prevents Hacking: Firewalls act as a barrier against unauthorized access attempts, deterring hackers from compromising sensitive data and systems.
  • Stops Spyware: By blocking spyware and malware, firewalls safeguard systems from unauthorized infiltration and data theft.
  • Promotes Privacy: Firewalls ensure data security, fostering trust and privacy for clients and enhancing organizational reputation and competitiveness.

Types of Firewalls

Each firewall type is listed below with its functionality, advantages and disadvantages.

Packet Filtering Firewall

Functionality:
  • Inspects data packets by source and destination IP
  • Drops packets that fail inspection
Advantages:
  • Simple
Disadvantages:
  • Easy to bypass
  • Vulnerable to IP spoofing
  • Lacks user authentication and logging
  • Inflexible, designed to monitor specific details

Stateful Inspection Firewall

Functionality:
  • "Traditional" firewall
  • Combines packet filtering and TCP handshakes
  • Tracks and filters based on the connection status
Advantages:
  • Better protection than packet filtering
  • Better logging and tracking features
Disadvantages:
  • No application filtering or content filtering
  • High resource consumption (memory & CPU)
  • Complex configuration

Proxy Firewall (Application-Level Gateway)

Functionality:
  • Verifies packets, the TCP handshake, and application-layer content
  • Extra separation between the source and the network
Advantages:
  • Powerful if configured correctly
  • Easy setup process
  • Delivery via cloud solutions
Disadvantages:
  • Needs a new proxy for each application
  • Complex configuration
  • Slow performance

Unified Threat Management (UTM) Firewall

Functionality:
  • Combines stateful inspection with intrusion prevention and antivirus
  • Includes cloud management for added services
Advantages:
  • Simple: consolidates IT services into one device
  • Centralized management
  • Flexible
Disadvantages:
  • Single point of failure
  • Slow performance if it handles a lot of applications

Next-Generation Firewall (NGFW)

Functionality:
  • Deep packet inspection
  • Included intrusion prevention system (IPS)
  • Application identification and filtering
Advantages:
  • Highly secure
  • Monitors network protocols from the data link layer upward
  • More efficient than the combination of other firewalls
Disadvantages:
  • Single point of failure
  • Requires high investment and resources
  • Complex configuration
  • Slower performance compared to traditional firewalls

Threat-Focused NGFW

Functionality:
  • All the capabilities of a traditional NGFW plus advanced threat detection and remediation
Advantages:
  • Robust threat defense
Disadvantages:
  • Same limitations as NGFWs

Virtual Firewall

Functionality:
  • Virtual appliance in a private cloud (VMware ESXi, Microsoft Hyper-V, KVM) or public cloud (AWS, Azure, Google Cloud, …)
Advantages:
  • More cost-effective than physical firewalls
  • Scalable
  • Flexible: customize policies based on specific needs
  • Centralized management
Disadvantages:
  • High resource consumption
  • Security risks if not properly configured
  • Complex configuration
  • Price fluctuates based on consumption

Cloud Native Firewall

Functionality:
  • Multi-tenant capability
  • Smart load balancing
Advantages:
  • Agile and elastic: customize policies based on specific needs
  • Centralized management
  • Scalable
Disadvantages:
  • Single point of failure
  • Complex configuration
  • Slows down network performance
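The difference between the packet-filtering and stateful-inspection entries above, shown as an added Python simulation (this is not code from the original article; the rule set, the addresses, the published service and the traffic are all constructed for the example). A stateless filter has to approximate "reply traffic" from header bits alone, so an inbound segment that merely sets the ACK flag is accepted even though no internal host asked for it, which is why the table calls packet filtering easy to bypass. The stateful firewall records connections the LAN opened and admits inbound packets only when they match one of them or a published service.

```python
"""Added illustration: a stateless packet filter versus a stateful
inspection firewall.  Rules, addresses and traffic are constructed for
this example and are not taken from the article."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: FrozenSet[str]   # TCP flag names present, e.g. {"SYN"} or {"SYN", "ACK"}
    direction: str          # "in" = from the Internet, "out" = from the LAN


PUBLISHED_SERVICES = {443}   # assumed: the only service exposed to the Internet


def packet_filter(pkt: Packet) -> bool:
    """Stateless rules judged per packet, with no memory of earlier packets:
    allow everything outbound, allow inbound to published services, and
    approximate 'replies to our own connections' by accepting any inbound
    TCP segment whose ACK bit is set.  That last rule is the weakness."""
    if pkt.direction == "out":
        return True
    if pkt.dport in PUBLISHED_SERVICES:
        return True
    return "ACK" in pkt.flags


class StatefulFirewall:
    """Remembers connections the LAN initiated (a simplified state table)
    and admits inbound traffic only for those or for published services."""

    def __init__(self) -> None:
        # (lan_ip, lan_port, remote_ip, remote_port) of connections we opened
        self.table: set = set()

    def allow(self, pkt: Packet) -> bool:
        if pkt.direction == "out":
            if pkt.flags == frozenset({"SYN"}):        # new outbound connection
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if pkt.dport in PUBLISHED_SERVICES:
            return True
        # Inbound traffic must be the reverse direction of a tracked connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table


def run_scenario() -> Dict[str, List[bool]]:
    """Constructed traffic: an internal host opens HTTPS to a remote server
    and receives the SYN/ACK; then an unrelated external host sends a lone
    ACK segment to the internal host's SSH port that nobody requested."""
    traffic = [
        Packet("10.0.0.5", 51000, "203.0.113.9", 443, frozenset({"SYN"}), "out"),
        Packet("203.0.113.9", 443, "10.0.0.5", 51000, frozenset({"SYN", "ACK"}), "in"),
        Packet("198.51.100.7", 4444, "10.0.0.5", 22, frozenset({"ACK"}), "in"),
    ]
    fw = StatefulFirewall()
    return {
        "packet_filter": [packet_filter(p) for p in traffic],
        "stateful": [fw.allow(p) for p in traffic],
    }


if __name__ == "__main__":
    for name, verdicts in run_scenario().items():
        print(name, ["ALLOW" if v else "DROP" for v in verdicts])
```

Both firewalls pass the legitimate SYN and SYN/ACK; only the stateful one drops the third packet, because its state table has no connection between 10.0.0.5:22 and 198.51.100.7:4444. The price of that decision is the memory and CPU spent on the table, which is the "high resource consumption" the stateful entry lists.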

Firewall Requirements for ISO 27001

Among the 93 controls outlined in ISO 27001:2022, Annex A 8.20 Networks security and A 8.21 Security of network services (which replace ISO 27001:2013 Annex A 13.1.1 and 13.1.2) are particularly relevant to firewall requirements.

Annex A 8.20: "Networks and network devices should be secured, managed and controlled to protect information in systems and applications."

This Annex mandates the implementation of controls to safeguard information security within networks and to prevent unauthorized access to connected services.

Within network security management, two relevant controls concerning firewalls are Network Controls and Security of Network Services.

Network Controls:

Like other types of security controls, network controls can be categorized into various types, depending on their primary function. Here are some control types that relate to firewalls:

  • Preventive controls aim to preemptively halt attacks or intrusions. Firewalls are among such preventive controls. Other examples include Intrusion Prevention Systems (IPS), web gateways, and physical isolation of network components.

Security of Network Services:

Network services security is ensured through the establishment of network service agreements that outline the relevant security parameters and requirements, including the deployment of firewalls. These agreements must be documented and signed to ensure adherence to security protocols.

Annex A 8.21: "Security mechanisms, service levels and service requirements of network services should be identified, implemented and monitored."

Network services include systems operating at the network application layer, such as email and file servers, as well as infrastructure components like firewalls, intrusion detection systems (IDS), gateway antivirus platforms, and connection services.

To enhance security, one recommended measure outlined in this Annex is to employ mechanisms that limit access to network services or applications, typically accomplished with firewalls and IDS/IPS.
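One concrete way to produce evidence that access to network services is limited and monitored, as an added Python example that is not part of the article: it reviews a small firewall rule base for catch-all allow rules, rules shadowed by such a catch-all, services exposed to any source without logging, and a missing or unlogged default deny. The rule format, the review criteria and the sample rule bases are this example's own assumptions about what an auditor would ask for under Annex A 8.20/8.21; the standard does not prescribe them.

```python
"""Added example: a rule-base review that flags the most common ways a
firewall fails to 'limit access to network services'.  The Rule layout,
the checks and the sample rules are constructed assumptions for this
illustration, not text from ISO 27001."""
from dataclasses import dataclass
from typing import List


@dataclass
class Rule:
    rid: int
    action: str   # "allow" or "deny"
    src: str      # CIDR or "any"
    dst: str      # CIDR or "any"
    proto: str    # "tcp", "udp" or "any"
    port: str     # port number or "any"
    log: bool     # whether matches are logged


def is_catch_all(rule: Rule) -> bool:
    """True when the rule matches every packet regardless of endpoint."""
    return all(v == "any" for v in (rule.src, rule.dst, rule.proto, rule.port))


def review(rules: List[Rule]) -> List[str]:
    """Walk the rule base in evaluation order and collect findings.
    Assumed first-match semantics: once a catch-all allow is hit, every
    later rule is dead, including any deny-all the author intended."""
    findings: List[str] = []
    shadowed_by = None
    for rule in rules:
        if shadowed_by is not None:
            findings.append(f"rule {rule.rid}: unreachable, shadowed by catch-all allow rule {shadowed_by}")
            continue
        if rule.action == "allow" and is_catch_all(rule):
            findings.append(f"rule {rule.rid}: permits all traffic; no access restriction (8.20)")
            shadowed_by = rule.rid
        elif rule.action == "allow" and rule.src == "any" and not rule.log:
            findings.append(f"rule {rule.rid}: exposes {rule.proto}/{rule.port} on {rule.dst} "
                            "to any source without logging (8.21 monitoring)")
    last = rules[-1] if rules else None
    if last is None or not (last.action == "deny" and is_catch_all(last)):
        findings.append("rule base does not end with an explicit deny-all")
    elif not last.log:
        findings.append(f"rule {last.rid}: final deny-all is not logged")
    return findings


# Constructed 'before' rule base with the typical mistakes.
SAMPLE_RULES = [
    Rule(1, "allow", "any", "10.0.0.10/32", "tcp", "443", True),
    Rule(2, "allow", "any", "10.0.0.20/32", "tcp", "22", False),
    Rule(3, "allow", "any", "any", "any", "any", False),
    Rule(4, "allow", "10.0.0.0/24", "any", "any", "any", False),
    Rule(5, "deny", "any", "any", "any", "any", True),
]

# Constructed 'after' rule base: SSH limited to an admin subnet (assumed
# 10.0.1.0/24), the catch-all allow removed, every rule logged.
HARDENED_RULES = [
    Rule(1, "allow", "any", "10.0.0.10/32", "tcp", "443", True),
    Rule(2, "allow", "10.0.1.0/24", "10.0.0.20/32", "tcp", "22", True),
    Rule(3, "deny", "any", "any", "any", "any", True),
]

if __name__ == "__main__":
    for label, rules in (("before", SAMPLE_RULES), ("after", HARDENED_RULES)):
        print(f"== {label} ==")
        for f in review(rules) or ["no findings"]:
            print(" -", f)
```

The output of `review` is the kind of artefact that maps directly onto the Annex A 8.21 wording: the "identified" part is the list of published services, the "implemented" part is the absence of catch-all allows, and the "monitored" part is the logging flag on every reachable rule. Running the review against each change of the rule base gives an auditor a dated trail instead of a one-off screenshot.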
