INFRA-5 Firewalls

What is this control about?

A firewall is a network security system that monitors, and controls incoming and outgoing network traffic based on predetermined security rules. This is an essential part of every company’s network and TrustCloud automates this control.

Evidence of “deny all” rules and NAT (Network Address Translation) rules are required.

Available tools in the marketplace 

Available templates

TrustCloud has a curated list of templates internally or externally sourced to help you get started. Click on the link for a downloadable version:

• N/A – no templates recommendation

Control implementation

Note: This control is 100% automated by TrustCloud. Connect your system to enjoy the benefit of automation

All organizations have an understanding of firewall implementation. There will be no further instructions on implementation.

What evidence do auditors look for?

Most auditors, at a minimum are looking for the below suggested action.

• Provide the firewall rules (Block, Allow, Deny ,etc..)

Evidence example

From the suggested action above, an example is provided below.

1. Evidence of “deny all” rules and NAT (Network Address Translation) rules are required.

Screenshot shows the rules for a specific firewall

(Google search results of “deny all firewall rules”)