Report on the percentage of workstation firewalls, host firewalls, sub-network firewalls, and perimeter firewalls configured in accordance with policy

Status: Live

The organization will report on the percentage of workstation firewalls, host firewalls, sub-network firewalls, and perimeter firewalls configured in accordance with policy. [UCF ID 02116]

Metric guidance

Calculation: The calculation for this metric is # of workstation firewalls, host firewalls, sub network firewalls, and perimeter firewalls configured in accordance with policy / # of installed firewalls.

Calculation source: No authority document source of information exists. The following formula was used: the number of firewalls that have been configured according to the policies, standards, and procedures divided by the number of installed firewalls listed in the hardware inventory for each business unit (or the organization as a whole) .

The Common Control IDs associated with this metric are as follows:

    Key web-facing applications should have application layer firewalls [UCF Control ID 01450]
    Establish and maintain firewall design and configuration practices [UCF Control ID 00544]
    All mobile computers should be equipped with a firewall that is installed, active, configured by the organization, and not changeable by the end user [UCF Control ID 00550]
    Configure firewalls, routers, and networking equipment to follow organizational compliance mandates in order to protect confidential information and systems [UCF Control ID 01284]

Supporting and supported controls

This control directly supports:

    Establish and maintain a networks and firewalls metrics management program [UCF Control ID 02082]

There are no supporting controls.

Authority documents complied with:

CISWG Information Security Program Elements, January 10,2005, ISPE26.1; Guide for Developing Performance Metrics for Information Security, NIST SP 800-80, Table 20

US Federal Security Guidance

The organization must measure and report on the percentage of workstation firewalls, host firewalls, subnetwork firewalls, and perimeter firewalls configured in accordance with policy. [ISPE26.1, CISWG Information Security Program Elements, January 10,2005]

NIST Guidance

This metric must be calculated using # of workstation firewalls, host firewalls, sub network firewalls, and perimeter firewalls configured in accordance with policy / # of installed firewalls [Table 20, Guide for Developing Performance Metrics for Information Security, NIST SP 800-80]


Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.


Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.