| Network Admin- CT at Hartford, Connecticut, USA |
| Email: [email protected] |
| From: Chandra N, Siri Info [email protected] Reply to: [email protected] Role name:Network AdministratorRole Description:Firewall Environments Browsing Mainly an egress firewall for internal web browsing with 2 DMZs for Webster employee facing service ingress such as email and VPN. Ecomm (DMZ) Ingress and egress for Webster Bank customer facing services such as websites, APIs and SFTP. Vendor ingress and egress for Webster core banking services and vendor connectivity. PDD protected internal services that contain sensitive information such as PII, PCI and HIPPA data. Extra care should exercise when creating rules to allow traffic in this environment.Requested work to be performed Review traffic for Allow/Deny logs in our 4 environments (Browsing, Ecomm, Vendor and PDD) Add rules to allow traffic where neededo Conduct a review of current rules. If possible, add to existing allow rules. If no rules exist best effort grouping of like rules based on Service or protocol is required.o Rules should always be Layer 7 based unless there is no application defined.o If there is no application defined, a layer 4 based rule is permitted but should be monitored for layer 7 application signature match to which that application should be added to the layer 4 based rule for added security. Create a firewall request and Document all rules created during the Migration. Provide the document to the Infrastructure Security Team for next day review and back fill of any firewall requests needed during the migration. Assess firewall policies to proactively identify policy issues prior to application migration.Competencies:Firewall Administration - Security Management (IT IS)Experience (Years):4-6Essential Skills:Firewall Environments Browsing Mainly an egress firewall for internal web browsing with 2 DMZs for Webster employee facing service ingress such as email and VPN. Ecomm (DMZ) Ingress and egress for Webster Bank customer facing services such as websites, APIs and SFTP. Vendor ingress and egress for Webster core banking services and vendor connectivity. PDD protected internal services that contain sensitive information such as PII, PCI and HIPPA data. Extra care should exercise when creating rules to allow traffic in this environment.Requested work to be performed Review traffic for Allow/Deny logs in our 4 environments (Browsing, Ecomm, Vendor and PDD) Add rules to allow traffic where neededo Conduct a review of current rules. If possible, add to existing allow rules. If no rules exist best effort grouping of like rules based on Service or protocol is required.o Rules should always be Layer 7 based unless there is no application defined.o If there is no application defined, a layer 4 based rule is permitted but should be monitored for layer 7 application signature match to which that application should be added to the layer 4 based rule for added security. Create a firewall request and Document all rules created during the Migration. Provide the document to the Infrastructure Security Team for next day review and back fill of any firewall requests needed during the migration. Assess firewall policies to proactively identify policy issues prior to application migration.Desirable Skills:Firewall Environments Browsing Mainly an egress firewall for internal web browsing with 2 DMZs for Webster employee facing service ingress such as email and VPN. Ecomm (DMZ) Ingress and egress for Webster Bank customer facing services such as websites, APIs and SFTP. Vendor ingress and egress for Webster core banking services and vendor connectivity. PDD protected internal services that contain sensitive information such as PII, PCI and HIPPA data. Extra care should exercise when creating rules to allow traffic in this environment.Requested work to be performed Review traffic for Allow/Deny logs in our 4 environments (Browsing, Ecomm, Vendor and PDD) Add rules to allow traffic where neededo Conduct a review of current rules. If possible, add to existing allow rules. If no rules exist best effort grouping of like rules based on Service or protocol is required.o Rules should always be Layer 7 based unless there is no application defined.o If there is no application defined, a layer 4 based rule is permitted but should be monitored for layer 7 application signature match to which that application should be added to the layer 4 based rule for added security. Create a firewall request and Document all rules created during the Migration. Provide the document to the Infrastructure Security Team for next day review and back fill of any firewall requests needed during the migration. Assess firewall policies to proactively identify policy issues prior to application migration.Country:United StatesBranch | City | Location:TCS - Hartford, CT Southington Southington, CT Keywords: information technology Connecticut |
| [email protected] View all |
| Fri Jan 12 04:31:00 UTC 2024 |