ISO/IEC 27033-4
ISO/IEC 27033-4:2014 Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways
(first edition)
Abstract
ISO/IEC 27033 part 4 “gives guidance for securing communications between networks using security gateways (firewall, application firewall, Intrusion Protection System, etc.) in accordance with a documented information security policy of the security gateways, including:
identifying and analysing network security threats associated with security gateways;
defining network security requirements for security gateways based on threat analysis;
using techniques for design and implementation to address the threats and control aspects associated with typical network scenarios; and
addressing issues associated with implementing, operating, monitoring and reviewing network security gateway controls.”
[Source: ISO/IEC 27033-4:2014]
Introduction
Part 4 gives an overview of security gateways, describing different architectures.
Scope
Guidance on securing communications between networks through gateways, firewalls, application firewalls, Intrusion Protection System [sic] etc. in accordance with a policy.
Includes identifying and analysing network security threats, defining security control requirements, and designing, implementing, operating, monitoring and reviewing the controls.
Structure
Main clauses:
6: Overview
7: Security threats
8: Security requirements
9: Security controls
10: Design techniques
11: Guidelines for product selection
Status
ISO/IEC 27033-4 revised and replaced ISO/IEC 18028-3.
The current first edition of part 4 was published in 2014 and confirmed unchanged in 2019.
It is slightly more up to date than other parts of ISO/IEC 27033 in that it mentions 'cloud', twice, and even VoIP. Gosh. Denial-of-service attacks on corporate networks were evidently a big concern back in 2014, but ransomware was yet to make its big entrance stage right.
Commentary
The standard outlines how security gateways (a.k.a. firewalls) analyse and control network traffic through:
Packet filtering;
Stateful packet inspection;
Application proxy (application firewalls);
Network Address Translation;
Content analysis and filtering.
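To make the difference between the first four of those techniques concrete, here is a toy gateway model. It is an added illustration, not text or code from ISO/IEC 27033-4 or from any firewall product; the addresses (10.0.0.0/24 inside, 203.0.113.1 as the gateway's public address) and the packets are constructed for the example. It shows the classic weakness of pure packet filtering (a rule that admits inbound traffic "from source port 443" admits anything an attacker cares to send from source port 443, to any internal port), the connection table that stateful inspection adds to close that hole, and the port mapping that source NAT keeps so that only replies to connections opened from inside can be translated back.

```python
"""Packet filtering vs stateful inspection vs NAT, as a toy gateway model.

Added illustration, not part of ISO/IEC 27033-4. Network addresses, port
numbers and packets are constructed for the example.
"""
from dataclasses import dataclass
import ipaddress

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/24")   # assumed inside network
GATEWAY_IP = "203.0.113.1"                            # assumed public address of the gateway


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # True for the first packet of a TCP connection


def is_internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL_NET


def stateless_filter(pkt):
    """Packet filtering: a decision per packet, from its header fields alone."""
    if is_internal(pkt.src) and pkt.dport == 443:
        return "ACCEPT"                     # outbound HTTPS
    if not is_internal(pkt.src) and pkt.sport == 443:
        return "ACCEPT"                     # 'replies from HTTPS servers': anyone can claim this
    return "DROP"


class StatefulFilter:
    """Stateful packet inspection: a connection table decides about return traffic."""

    def __init__(self):
        self.conntrack = set()   # (src, sport, dst, dport) of connections opened from inside

    def filter(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if is_internal(pkt.src) and pkt.dport == 443:
            if pkt.syn:
                self.conntrack.add(key)     # NEW: remember the outbound connection
                return "ACCEPT"
            return "ACCEPT" if key in self.conntrack else "DROP"
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.conntrack and not pkt.syn:
            return "ACCEPT"                 # ESTABLISHED: a reply to a connection we know about
        return "DROP"                       # inbound packet with no matching state


class SourceNat:
    """Network Address Translation: internal sources are rewritten to the gateway's address."""

    def __init__(self):
        self.next_port = 40000
        self.outbound = {}   # (internal src, sport) -> port used on the gateway
        self.inbound = {}    # gateway port -> (internal src, sport)

    def translate_outbound(self, pkt):
        key = (pkt.src, pkt.sport)
        if key not in self.outbound:
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += 1
        return Packet(GATEWAY_IP, self.outbound[key], pkt.dst, pkt.dport, pkt.syn)

    def translate_inbound(self, pkt):
        orig = self.inbound.get(pkt.dport)
        if orig is None:
            return None      # no mapping: not a reply to anything sent from inside
        return Packet(pkt.src, pkt.sport, orig[0], orig[1], pkt.syn)


def demo():
    """Run the three constructed packets through each mechanism and collect the verdicts."""
    client_syn = Packet("10.0.0.5", 51234, "198.51.100.7", 443, syn=True)
    server_reply = Packet("198.51.100.7", 443, "10.0.0.5", 51234)
    attacker = Packet("192.0.2.9", 443, "10.0.0.5", 22)   # source port 443 chosen to slip past the filter

    sf = StatefulFilter()
    results = {
        "stateless": [stateless_filter(p) for p in (client_syn, server_reply, attacker)],
        "stateful": [sf.filter(p) for p in (client_syn, server_reply, attacker)],
    }
    nat = SourceNat()
    out = nat.translate_outbound(client_syn)
    back = nat.translate_inbound(Packet("198.51.100.7", 443, GATEWAY_IP, out.sport))
    results["nat"] = (out.src, out.sport, back.dst, back.dport)
    results["nat_unsolicited"] = nat.translate_inbound(Packet("192.0.2.9", 443, GATEWAY_IP, 40001))
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

The stateless filter accepts all three packets, including the attacker's packet to port 22; the stateful filter drops it because no inside host ever opened a connection to 192.0.2.9:443. In a real firewall the stateful behaviour is the `ct state established,related accept` rule (nftables) or `-m conntrack --ctstate ESTABLISHED,RELATED` (iptables), and it is why modern rulesets rarely need source-port rules at all.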
It guides the selection and configuration of security gateways, i.e. choosing the gateway architecture that best meets the organisation's security requirements.
It refers to various kinds of firewall as examples of security gateways. [Firewall is a commonplace term of art that is curiously absent from ISO/IEC 27000 and ISO/IEC 27002, nor is it defined explicitly in this standard. I wonder if some ancient ISO standard had already 'taken' the term to describe a physical barrier impeding the spread of fire and smoke, e.g. from the engine into the passenger compartment of a car?]
