Minimizing the exposure of systems to External Networks

  • Install and configure a gateway firewall.
  • Configure inbound and outbound Access Control Lists (ACLs) so that only required and legitimate traffic is allowed in and out of the network.
  • Close all ports and open only the required ones.
  • Avoid “any” “any” rules in all configurations.
  • All rules must be configured to ensure no “unwanted services” or “hosts” are exposed to the internet, with web protection, anti-malware, and web and app visibility, control, and protection.
  • Implement network segregation by having a Demilitarized Zone (DMZ) for public-facing servers, a server zone and a user zone.
  • All remote access to digitalization infrastructure shall be done via VPN.
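
The checklist above can be turned into an automated review of an exported rule set. The following is an added example, not part of the original page: the rule format, zone names, the choice of ports 22 and 3389 as "remote access", and the sample rules are all assumptions constructed for illustration and do not match any particular firewall product.

```python
from typing import NamedTuple

class Rule(NamedTuple):  # hypothetical vendor-neutral rule record
    name: str
    action: str    # "allow" or "deny"
    src_zone: str  # "internet", "dmz", "server", "user", "vpn" or "any"
    src: str       # CIDR or "any"
    dst_zone: str
    dst: str       # CIDR or "any"
    port: str      # port number or "any"

REMOTE_ADMIN_PORTS = {"22", "3389"}  # assumption: SSH and RDP count as remote access

def audit(rules):
    """Return (rule name, finding) pairs for rules that break the checklist."""
    findings = []
    for r in rules:
        if r.action != "allow":
            continue
        if r.src == "any" and r.dst == "any":
            findings.append((r.name, "any-any rule"))
        if r.port == "any":
            findings.append((r.name, "all ports open"))
        if r.src_zone == "internet":
            if r.dst_zone != "dmz":
                findings.append((r.name, "internet reaches non-DMZ zone"))
            if r.port in REMOTE_ADMIN_PORTS:
                findings.append((r.name, "remote access not via VPN"))
    # "Close all ports": the rule set must end in an explicit deny-everything rule.
    last = rules[-1] if rules else None
    if not (last and last.action == "deny" and last.src == last.dst == last.port == "any"):
        findings.append(("<end>", "no final deny-all"))
    return findings

# Constructed sample rule set (documentation and private address ranges).
SAMPLE_RULES = [
    Rule("web-in", "allow", "internet", "any", "dmz", "203.0.113.10/32", "443"),
    Rule("legacy", "allow", "user", "any", "internet", "any", "any"),
    Rule("rdp-in", "allow", "internet", "any", "server", "10.0.20.5/32", "3389"),
    Rule("vpn-admin", "allow", "vpn", "10.8.0.0/24", "server", "10.0.20.0/24", "22"),
    Rule("default", "deny", "any", "any", "any", "any", "any"),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_RULES):
        print(f"{name}: {finding}")
```
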