Minimizing the Exposure of Systems to External Networks

• Install and configure Gateway firewall
• Configure Inbound and outbound ACL (Access Control List) to control only required
  and legitimate traffic only to be allowed to go In and Out of the network.
• Close all the ports and only open the required port
• Avoid "any'"'any" rules set up in all the configurations
• All rules must be configured to ensure no 'unwanted services' or 'hosts' are exposed
  to the internet
• Implement network segregation by having DMZ for public facing servers, Server
  Zone and User zone
• Ensure that the network is secure by Segregating different administrative duties
• All remote access to core ICT infrastructure should be done via VPN