16. HealthSafe Firewall Policy



FIREWALL POLICY



Document Identification: HSNZ/POL/16
Document Name: Firewall Policy
Master Copy: CISO
Version Number: 1.3
Date Of Release: 15 Aug 2023
Prepared By: Eparama Tuibenau, CISO
Approved by: Kevin McAfee, Managing Director


 


VERSION HISTORY


| Sl No | Version No. (From) | Version No. (To) | Prepared by | Approved by | Description of Version | Date | Reason for Version Change |
|---|---|---|---|---|---|---|---|
| 1 | 1.0 | - | CISO | MD | First Release | 14 Apr 2020 | No changes made |
| 1 | 1.0 | 1.1 | CISO | MD | Updated | 26 Jun 2021 | Minor wording updates |
| 1 | 1.1 | 1.2 | CISO | MD | Reviewed | 28 Jul 2022 | Annual review |
| 1 | 1.2 | 1.3 | CISO | MD | Reviewed | 15 Aug 2023 | Annual review |


DOCUMENT STATUS


| Date | Document Status |
|---|---|
| 14 Apr 2020 | Modified |
| 26 Jun 2021 | Reviewed |
| 28 Jul 2022 | Reviewed |
| 15 Aug 2023 | Current |


Table of Contents

1 Purpose
2 Scope
3 Input
4 Output
5 Interacting Process
6 Abbreviations, Acronyms and Definitions
7 Procedure
8 Monitoring the Process
9 Records



1 PURPOSE

The purpose of this document is to establish and maintain a firewall policy for HealthSafe NZ.


2 SCOPE

These procedures apply to all aspects of the firewall.


3 ABBREVIATIONS, ACRONYMS AND DEFINITIONS

| Abbreviation | Description |
|---|---|
| FH | Functional Head |
| IT | Information Technology Department |
| TL/PM | Team Lead / Project Manager |
| CISO | Chief Information Security Officer |



4 INPUT

Firewall Appliance


5 OUTPUT

Inbound and outbound traffic is correctly routed to its destination.


6 INTERACTING PROCESS

IT team


7 PROCEDURE

Firewalls are chosen based on their security history and how well their features fit the desired task. The deployed firewall solution is configured to support the minimum required firewall options.


Firewall Design Implementation

The firewall design allows the minimum access through the firewall that is required for the business purpose.


The following considerations are made:

  • Risk & Threat Assessment
  • Administration
  • Monitoring
  • Configuration Management
  • Intrusion Detection System

Firewall rule sets are based on a default-deny principle and rule. These rules restrict access between trusted hosts.


Firewall Monitoring

Firewall logs are monitored through the firewall platform.


Logs related to firewall rule changes and attack attempts will be stored in an online platform for audit purposes.


Intrusion Detection

Globally, all inbound traffic with a low IP reputation threshold is denied.




8 MONITORING THE PROCESS

  • The firewall platform is monitored regularly, and email notifications are triggered regularly.

9 RECORDS

  • Regular monitoring logs
  • Regular email notifications with reports
  • Slack notifications