The objective of this standard is to define the configuration to be met by all servers owned or managed by Company that are located outside of the firewalls. The standards are designed to minimize the exposure to Company from damages that may result from malicious activities from both internal and external entities. Internet facing devices located outside the Company firewalls are considered part of the DMZ.
The standard outlines two goals for the deployment of systems in untrusted Company controlled environments. The first goal of this standard is to provide an approach to developing an environment designed to appropriately expose web applications to the Internet while protecting the internal network, application data and other applications from exposure. As the word ‘appropriately’ can be interpreted in many ways, this document’s purpose is to define the methodology and architecture of the DMZ design.
The second goal is that this infrastructure is designed for multiple tenant operations and lifecycle support.
a. Multiple Tenant Support: Each DMZ segment can house multiple applications, and, if desired, a VLAN can be assigned within each DMZ for the express purpose of housing a single application, or a class of applications.
b. Lifecycle Support: Each lifecycle (Production, Prod-Test, or QC) environment must be separated.
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. STANDARD
3.1 GENERAL
3.2 LOGICAL DESIGN
3.3 LOGICAL DESIGN CONSIDERATIONS
3.4 INFRASTRUCTURE MANAGEMENT
3.5 PHYSICAL DESIGN
3.6 DATA CLASSIFICATION AND USAGE
3.7 APPLICATION/SYSTEM ENTRY PROCESSES
3.8 THIRD PARTY MANAGED DEVICES
4. ROLES AND RESPONSIBILITIES
5. EXCEPTIONS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
Pages: 13
This bundle contains all the products listed in the Operations Management section. Take advantage of the 25% OFF when buying the bundle!
The objective of this policy is to define standards, procedures, and restrictions for end users who are connecting a personally-owned device to Company’s organization network for business purposes.
The purpose of this Business Continuity Plan Procedure is to provide an effective, fit-for-purpose, predefined and documented framework and process to enable the Business Continuity Management of the Company’s Mission Critical Activities and their dependencies.
Review Internet Hosting and DMZ Standard.
You must be logged in to post a review.