{"id":114,"date":"2021-08-10T16:01:45","date_gmt":"2021-08-10T14:01:45","guid":{"rendered":"http:\/\/192.168.21.183\/?p=23"},"modified":"2023-05-07T19:55:30","modified_gmt":"2023-05-07T17:55:30","slug":"improve-him-believe-opinion-offered-2","status":"publish","type":"post","link":"https:\/\/tkrug.fr\/index.php\/2021\/08\/10\/improve-him-believe-opinion-offered-2\/","title":{"rendered":"Changement de pare-feu (perso)"},"content":{"rendered":"\n

Mon pare-feu \u00e9tait devenu trop compliqu\u00e9 \u00e0 administrer afin de satisfaire aux nouvelles politiques de s\u00e9curit\u00e9 que j’ai mis en place sur mon r\u00e9seau informatique personnel : s\u00e9paration des flux, IPS, anti-virus, etc…<\/p>\n\n\n\n

J’ai donc d\u00e9cid\u00e9 en novembre-d\u00e9cembre 2020 de migrer ma Gateway sous ClearOS, disposant d’un firewall classique IPTables, ainsi que quelques fonctionnalit\u00e9s vers un firewall plus \u00e9volu\u00e9. Par mesure de s\u00e9curit\u00e9, je ne divulguerai pas son OS, ni ses r\u00e8gles. <\/p>\n\n\n\n

J’ai pu cependant mettre en place la s\u00e9paration des flux au travers de plusieurs VLAN, ayant des r\u00e8gles strictes afin de ne pas autoriser les communications non voulues entre VLAN, ainsi qu’un IDS\/IPS sur certaines interfaces. <\/p>\n\n\n\n

L’ensemble des r\u00e8gles de filtrage et de NAT ont \u00e9galement \u00e9t\u00e9 revues afin de procurer un maximum de s\u00e9curit\u00e9 au r\u00e9seau. <\/p>\n\n\n\n

Le VPN a \u00e9galement \u00e9t\u00e9 revu afin de suivre les derniers standards de s\u00e9curit\u00e9. <\/p>\n\n\n\n

Cette mise \u00e0 jour m’a demand\u00e9 environ 24h de travail sur la configuration initiale, et un paufinement d’environ 1 mois afin de d\u00e9sactiver les r\u00e8gles permissives des premiers temps en les rempla\u00e7ant par des r\u00e8gles strictes, et \u00e0 la configuration de l’IDS\/IPS. <\/p>\n","protected":false},"excerpt":{"rendered":"

Mon pare-feu \u00e9tait devenu trop compliqu\u00e9 \u00e0 administrer afin de satisfaire aux nouvelles politiques de s\u00e9curit\u00e9 que j’ai mis en place sur mon r\u00e9seau informatique personnel : s\u00e9paration des flux, IPS, anti-virus, etc… J’ai donc d\u00e9cid\u00e9 en novembre-d\u00e9cembre 2020 de migrer ma Gateway sous ClearOS, disposant d’un firewall classique IPTables, […]<\/p>\n","protected":false},"author":1,"featured_media":166,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-114","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts\/114","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/comments?post=114"}],"version-history":[{"count":1,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts\/114\/revisions"}],"predecessor-version":[{"id":168,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/posts\/114\/revisions\/168"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/media\/166"}],"wp:attachment":[{"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/media?parent=114"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/categories?post=114"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tkrug.fr\/index.php\/wp-json\/wp\/v2\/tags?post=114"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}