Department of Defense
High Performance Computing Modernization Program

Firewall configuration guidance for specific manufacturers and specific open source software may be found in the Security section of the IPv6 Knowledge Base. For commercial products, the manufacturer’s website provides guidance. For open source software, the developer’s website provides guidance.

While not specific to any one manufacturer or software developer, this 2016 Firewall Best Practices publication contains detailed guidance for configuring packet filtering for common protocols.

The Grand European Academic NeTwork (Géant) project documented many Network Monitoring recommendations. An example is this Campus Network IPv6 and Firewalling document.

These two publications while dated are still good general references on things to do (and to avoid) when configuring firewalls:

The National Institute of Standards and Technology (NIST) published SP800-41 Rev. 1, Guidelines on Firewalls and Firewall Policies, offering security principles and guidance for configuration of firewalls (IP agnostic guidelines with limited guidance specifically for IPv6). Other NIST Special Publications (SP) on security are publicly available here.

The National Security Agency (NSA) Systems and Network Attack Center (SNAC) published Firewall Design Considerations for IPv6 offering design and security guidance to protect IPv6 networks. Other NSA Security Configuration Guides are available here (hover over the word "LIBRARY" in the row of keywords at the top of the screen to see other available subject areas). Older NSA Security Configuration Guides are archived here .


Top