What basic functions should the average computer user know about software or hardware firewall configuration?

2017-09-29T13:00:26-04:00

Update (4/16/2020): This was meant to apply to users on their PC on their home network. Looking back, I should've specified this much earlier.

I'm going to start with a few:
1. How to turn it on
2. Logging
3. That it's not a complete solution
4. What it does and doesn't do

Response by Sgt Wayne Wood made Sep 29 at 2017 1:07 PM

2017-09-29T13:07:15-04:00

Iptables. A scripting language to automate it, TCL if you're working on Cisco. What the standard ports are. What ephemeral ports are. TCP/IP. Handshaking. How to defeat IDS.

Response by SSG Derek Scheller made Sep 29 at 2017 1:25 PM

2017-09-29T13:25:20-04:00

Honestly I believe the average user should just know how to implement it and what the effects are of allowing applications through your firewall. If we are being completely honest with ourselves here, the average user is lucky if they know how to enable and disable even their AV. Without training you can't expect the average user to know how logging works and how to manipulate it unless they do their own research.

Response by PO3 Steven Sherrill made Sep 29 at 2017 1:44 PM

2017-09-29T13:44:46-04:00

SGT Private RallyPoint Member In a perfect world, you don't want the average user touching the firewall at all in any way. They are likely to cause more problems than they can possibly solve. What I want the average user to know about the firewall is that if a site they need to complete a task is blocked by the firewall, send the URL to the IT Group so it can be reviewed and a decision made. Sorry, Netflix is not needed for work purposes.

Response by SSgt Ryan Sylvester made Sep 29 at 2017 1:59 PM

2017-09-29T13:59:56-04:00

That they can turn it off by pressing Ctrl [. If they can't get to the website they are trying to get to after that, there must be something wrong with that website. Just try again later, or use their BYOD.

Yes. Ctrl [ works on all firewall software. Yes, it works on your Mac, too. Yep, even if it's 10.7 because you haven't upgraded since the Stone Ages. Oh, your Ctrl key isn't working? Just use the Alt key instead, that'll work, too.

Response by Sgt Private RallyPoint Member made Sep 29 at 2017 2:12 PM

2017-09-29T14:12:27-04:00

In my opinion, what defines an average user? Anyways, I wouldn't expect an average user to know really, as I wouldn't want them touching any of that, even if they were knowledgeable. That's where Cyber security awareness training comes into play, and the guidelines for the same.

Response by Capt Private RallyPoint Member made Sep 29 at 2017 5:34 PM

2017-09-29T17:34:06-04:00

That we have a firewall to protect the network and that it'd not ok to try and get around it.