The next step in effective network security is blocking traffic that is known or believed to be harmful.
- Traffic arriving at the perimeter router from the outside whose source address is not a legitimate external address (for example, one that claims to originate inside the protected network) should be blocked at the perimeter router.
- Inbound traffic with a private source address is also potentially bad traffic and should be blocked.
- TFTP can retrieve files or password lists with no authentication, so it should also be denied.
- Allow established TCP connections into the internal networks (return traffic for sessions the inside opened), but route all other incoming traffic to DMZ servers only.
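The four rules above, applied in order to packets arriving on the external interface, as an added example that is not part of the original text. The address plan (203.0.113.0/25 as the internal network, 203.0.113.128/25 as the DMZ) and the sample packets are constructed for the example; "established" is modelled the way a perimeter ACL usually does it, as a TCP segment with the ACK flag set.

```python
import ipaddress
from dataclasses import dataclass

# Assumed address plan (constructed for this example, not taken from the page).
INTERNAL_NETS = [ipaddress.ip_network("203.0.113.0/25")]    # protected internal hosts
DMZ_NETS = [ipaddress.ip_network("203.0.113.128/25")]       # public-facing servers
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
TFTP_PORT = 69


@dataclass
class Packet:
    src: str
    dst: str
    proto: str            # "tcp" or "udp"
    dport: int
    ack_set: bool = False  # TCP ACK flag: the segment belongs to an existing connection


def _in(addr, nets):
    ip = ipaddress.ip_address(addr)
    return any(ip in n for n in nets)


def filter_inbound(pkt):
    """Decision for one packet entering from the outside: (action, reason).

    Rules are evaluated top to bottom, first match wins, default deny,
    the same way a perimeter router processes an access list.
    """
    # Rule 1: anti-spoofing. A packet from outside must not claim an inside address.
    if _in(pkt.src, INTERNAL_NETS) or _in(pkt.src, DMZ_NETS):
        return ("deny", "spoofed source claims to originate inside")
    # Rule 2: private addresses are not routable on the Internet; never legitimate here.
    if _in(pkt.src, PRIVATE_NETS):
        return ("deny", "private source address")
    # Rule 3: TFTP (UDP/69) has no authentication; deny it to every destination.
    if pkt.proto == "udp" and pkt.dport == TFTP_PORT:
        return ("deny", "tftp")
    # Rule 4a: return traffic for connections the inside opened may reach internal hosts.
    if pkt.proto == "tcp" and pkt.ack_set and _in(pkt.dst, INTERNAL_NETS):
        return ("permit", "established tcp to internal")
    # Rule 4b: every other new inbound flow may only go to the DMZ.
    if _in(pkt.dst, DMZ_NETS):
        return ("permit", "new inbound to dmz")
    return ("deny", "default deny")


# Constructed sample packets, one per rule.
SAMPLE_PACKETS = {
    "spoofed":     Packet("203.0.113.10", "203.0.113.130", "tcp", 80),
    "private":     Packet("10.1.2.3", "203.0.113.130", "tcp", 80),
    "tftp":        Packet("198.51.100.7", "203.0.113.130", "udp", 69),
    "established": Packet("198.51.100.7", "203.0.113.10", "tcp", 52000, ack_set=True),
    "new_to_lan":  Packet("198.51.100.7", "203.0.113.10", "tcp", 22),
    "new_to_dmz":  Packet("198.51.100.7", "203.0.113.130", "tcp", 443),
}


def evaluate_samples():
    """Return {name: action} for every constructed sample packet."""
    return {name: filter_inbound(p)[0] for name, p in SAMPLE_PACKETS.items()}


if __name__ == "__main__":
    for name, pkt in SAMPLE_PACKETS.items():
        action, reason = filter_inbound(pkt)
        print(f"{name:12s} {pkt.src:>14s} -> {pkt.dst}:{pkt.dport}/{pkt.proto}  {action:6s} ({reason})")
```

Rule order matters: the TFTP deny sits above the DMZ permit so that UDP/69 cannot reach a DMZ host either, and the anti-spoofing check sits first so that a forged internal source can never match the "established" permit.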