Firewall Template Rules
| From | To | Ports | Description |
|---|---|---|---|
| tsaw_av_servers | DEST IP(s) | tsaw_av | SophosRMS (tcp:8192-8194) |
| tsaw_hips_servers | DEST IP(s) | tsaw_hips | OSSEC (udp:1514) |
| g_su_admin_nets | DEST IP(s) | tsaw_ips | NAT-T (udp:4500) IKE (udp:500) ESP (IP Proto 50) AH (IP Proto 51) |
| tsaw_pbst_servers | DEST IP(s) | tsaw_pbst | MS-RDP (tcp:3389) MS-RDP-VM (tcp:2179) WINS SVCS (tcp/udp:135,139,445) IPMI RCMP (udp:623) HTTPS (tcp:443) DRAC-Vmedia (tcp:3668) DRAC-console (tcp:5900-5001) WST-RPCserver (tcp:4900-5000) WINRM (tcp:5985-5986) |
| tsaw_nagios_servers | DEST IP(s) | tsaw_nagios | Nagios (tcp:5666) |
| tsaw_pbst_servers | iDRAC DEST IP(s) | tsaw_drac | SSH (tcp:22) IPMI (udp:623) HTTP (tcp:80) HTTPS (tcp:443) DRAC-Vmedia (tcp:3668) DRAC-Console (tcp:5900-5901) |
| tsaw_bigfix_r1_servers | DEST IP(s) | tsaw_bigfix | BigFix (udp:52311) |
Traffic Outbound from the Firewall
N/A
| Group | Members |
|---|---|
| tsaw_av_servers | tem2 smrwech01 smrwech02 smreech01 smreech02 |
| tsaw_hips_servers | ossec1 ossec2 |
| tsaw_pbst_servers | 171.67.47.32/27 171.67.47.128/28 e-pc-3 e-pc-5 |
| tsaw_nagios_servers | nagios01 nagios02 providence |
| tsaw_bigfix_r1_servers | bigfixcore |
Roles
Template Owner
Responsible for determining, maintaining and modifying the template rules and membership of the different server groups. The application owner is notified regarding any changes to the template.
Current Template Owners
- Anne Pinkowski
- Ross Wilper
System Administrators
Request rule approval from the application owner.
ISO Security
The ISO group will audit the rules and make recommendations as needed or upon request from either the System Administrators or the Application Owners. In addition, any changes to this template must be reviewed by ISO prior to implementation.
