OPNsense Firewall
Description
The OPNsense firewall acts as the primary network security gateway for the Scheol Lab environment.
It provides:
- traffic filtering
- network segmentation
- intrusion detection capabilities
- monitoring of network flows
The firewall separates the internal infrastructure from external networks and enforces security policies.
Asset Identification
| Attribute | Value |
|---|---|
| Asset ID | INF-OPN-01 |
| CI Type | Infrastructure |
| Asset Name | OPNsense Firewall |
| Asset Category | Network Security |
| Owner | Security Role (Sec) |
| Status | In Progress |
| Location | Internal Lab Network |
| Primary Function | Network filtering and segmentation |
Asset Dependencies
| Dependency Type | Asset | Status |
|---|---|---|
| Internal Infrastructure | Proxmox Host | Active |
| External Connectivity | Internet Service Provider | Active |
| Monitoring | Logging / SIEM Platform | Planned |
Relationships
| Relationship | Target CI |
|---|---|
| Hosted on | Proxmox Host |
| Protects | Internal Lab Network |
| Provides capability | Secure Remote Access |
| Supports capability | Security Monitoring & Detection |
Asset Classification
| Criteria | Level |
|---|---|
| Confidentiality | 🟥 High |
| Integrity | 🟨 Medium |
| Availability | 🟥 High |
Criticality score: 🟥 High
Rationale:
- Confidentiality is important due to exposure to external networks.
- Availability is critical to maintain connectivity between infrastructure components.
Responsibilities
| Role | Responsibility |
|---|---|
| Security Role (Sec) | Security policies, monitoring, IDS/IPS configuration |
| Operations Role (Ops) | System maintenance and updates |
Security Controls (High-Level)
The following security controls are typically applied to this asset:
- Network Access Control - enforcement of firewall rules and network segmentation
- Intrusion Detection / Prevention - monitoring of suspicious network activity
- Administrative Access Control - restricted management access and authentication policies
- Configuration Management - controlled firewall configuration changes
- Logging and Monitoring - collection and analysis of network security events
Security Considerations
Typical risks related to this asset include:
- Firewall misconfiguration
- Unauthorized administrative access
- Exposure of internal services
- Denial-of-service conditions
Security practices include:
- strict network segmentation
- logging and monitoring of network events
- limited administrative access
- regular configuration review
Methodological References:
- ISO 27001 - Control 8.20 Network security; Control 8.22 Segregation of networks.
- NIST CSF - PR.AC Identity Management, Authentication and Access Control; PR.PT Protective Technology.
- EBIOS RM - Network infrastructure assets.