{"id":69,"date":"2021-08-10T19:39:00","date_gmt":"2021-08-10T19:39:00","guid":{"rendered":"https:\/\/en.tkrug.fr\/?p=69"},"modified":"2023-05-08T19:41:41","modified_gmt":"2023-05-08T19:41:41","slug":"new-firewall-perso","status":"publish","type":"post","link":"https:\/\/en.tkrug.fr\/index.php\/2021\/08\/10\/new-firewall-perso\/","title":{"rendered":"New firewall (perso)"},"content":{"rendered":"\n<p>My firewall had become too complicated to administer in order to satisfy the new security policies that I implemented on my personal computer network: flow separation, IPS, anti-virus, etc\u2026<\/p>\n\n\n\n<p>So I decided in November-December 2020 to migrate my Gateway to ClearOS, with a classic IPTables firewall, as well as some features to a more advanced firewall. For security reasons, I will not divulge its OS, nor its rules.<\/p>\n\n\n\n<p>However, I was able to set up the separation of flows through several VLANs, with strict rules so as not to allow unwanted communications between VLANs, as well as an IDS\/IPS on certain interfaces.<\/p>\n\n\n\n<p>All of the filtering and NAT rules have also been reviewed in order to provide maximum network security.<\/p>\n\n\n\n<p>The VPN has also been reviewed to follow the latest security standards.<\/p>\n\n\n\n<p>This update required about 24 hours of work on the initial configuration, and a refinement of about 1 month in order to deactivate the initial permissive rules by replacing them with strict rules, and to configure the IDS\/IPS.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>My firewall had become too complicated to administer in order to satisfy the new security policies that I implemented on my personal computer network: flow separation, IPS, anti-virus, etc\u2026 So I decided in November-December 2020 to migrate my Gateway to ClearOS, with a classic IPTables firewall, as well as some 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":70,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-69","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts\/69","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/comments?post=69"}],"version-history":[{"count":1,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts\/69\/revisions"}],"predecessor-version":[{"id":71,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts\/69\/revisions\/71"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/media\/70"}],"wp:attachment":[{"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/media?parent=69"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/categories?post=69"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/en.tkrug.fr\/index.php\/wp-json\/wp\/v2\/tags?post=69"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}