ISO/IEC 27033-4
ISO/IEC 27033-4:2014 Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways
(first edition)
Abstract
ISO/IEC 27033 part 4 “gives guidance for securing communications between networks using security gateways (firewall, application firewall, Intrusion Protection System, etc.) in accordance with a documented information security policy of the security gateways, including:
identifying and analysing network security threats associated with security gateways;
defining network security requirements for security gateways based on threat analysis;
using techniques for design and implementation to address the threats and control aspects associated with typical network scenarios; and
addressing issues associated with implementing, operating, monitoring and reviewing network security gateway controls.”
[Source: ISO/IEC 27033-4:2014]
Introduction
Part 4 gives an overview of security gateways, describing different architectures.
Scope
Guidance on securing communications between networks through gateways, firewalls, application firewalls, Intrusion Protection System [sic] etc. in accordance with a policy.
Includes identifying and analysing network security threats, defining security control requirements, and designing, implementing, operating, monitoring and reviewing the controls.
Structure
Main clauses:
6: Overview
7: Security threats
8: Security requirements
9: Security controls
10: Design techniques
11: Guidelines for product selection
Status
ISO/IEC 27033-4 revised and replaced ISO/IEC 18028-3.
The current first edition of part 4 was published in 2014 and confirmed unchanged in 2019.
It is slightly more up to date than other parts of ISO/IEC 27033 in that it mentions 'cloud', twice, and even VoIP. Gosh. Denial-of-Service attacks on corporate networks were evidently a big concern back then, but not ransomware.
Commentary
The standard outlines how security gateways (a.k.a. firewalls) analyse and control network traffic through:
Packet filtering;
Stateful packet inspection;
Application proxy (application firewalls);
Network Address Translation;
Content analysis and filtering.
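To make the difference between the first two mechanisms concrete, here is an added illustration (not text or code from the standard) contrasting a static packet filter with stateful inspection on constructed traffic; the 10.0.0.0/24 internal prefix, the addresses and the port numbers are all assumed sample values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    """Constructed 5-tuple plus the two TCP flags the example needs."""
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool   # connection-opening segment
    ack: bool

INTERNAL = "10.0.0."   # assumed internal address prefix (constructed)

def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL)

def stateless_filter(pkt: Packet) -> bool:
    """Static packet filter: decides on header fields alone. To let replies to
    outbound HTTPS back in, it has to permit any inbound packet from TCP/443
    to a high port, whether or not an internal host asked for it."""
    if is_internal(pkt.src) and pkt.dport == 443:
        return True                      # outbound HTTPS request
    if pkt.sport == 443 and pkt.dport >= 1024 and is_internal(pkt.dst):
        return True                      # presumed reply traffic
    return False

class StatefulFilter:
    """Stateful inspection: inbound traffic is admitted only when it matches
    a connection that the internal side opened earlier."""
    def __init__(self):
        self.table: set[tuple] = set()   # (int_ip, int_port, ext_ip, ext_port)

    def decide(self, pkt: Packet) -> bool:
        if is_internal(pkt.src) and pkt.dport == 443:
            if pkt.syn and not pkt.ack:  # new outbound connection: record it
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return key in self.table         # only replies to a tracked flow

# Constructed traffic: a genuine HTTPS exchange, then an unsolicited probe
# from an external host that chose source port 443 to look like a reply.
OUT = Packet("10.0.0.5", 50000, "203.0.113.10", 443, syn=True, ack=False)
REPLY = Packet("203.0.113.10", 443, "10.0.0.5", 50000, syn=True, ack=True)
PROBE = Packet("198.51.100.7", 443, "10.0.0.5", 3389, syn=True, ack=False)

def compare() -> dict:
    sf = StatefulFilter()
    return {"stateless": [stateless_filter(p) for p in (OUT, REPLY, PROBE)],
            "stateful": [sf.decide(p) for p in (OUT, REPLY, PROBE)]}
```

The stateless filter passes all three packets, including the probe, because it cannot tell a reply from an unsolicited inbound segment; the stateful filter passes the exchange it tracked and drops the probe.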
It guides the selection and configuration of security gateways, choosing the right type of architecture for a security gateway which best meets the security requirements of an organisation.
It refers to various kinds of firewall as examples of security gateways. [Firewall is a commonplace term of art that is curiously absent from ISO/IEC 27000 and ISO/IEC 27002, nor is it defined explicitly in this standard. I wonder if some ancient ISO standard had already 'taken' the term to describe a physical barrier impeding the spread of fire and smoke, e.g. from the engine into the passenger compartment of a car?]
