Hi Andrea,
Any firewall should do the below-mentioned things to keep the network secured.
1) Your real IPs of the internal network should not be exposed to the outside world.
2) It is always mandatory to block as much as possible on the outside interface, i.e. the traffic that comes from the outside world to your internal network.
3) Always keep focus on the encrypted way of communication... VPN/some other encryption, especially when it is accessed from an unprotected zone.
4) Block the vulnerable protocols, for example ICMP...
5) Preferred to use CLI instead of GUI.
6) Inspection to be performed on critical protocols.
7) Make it specific instead of any any traffic.
8) Syslog should be available for the logs... for artifacts and for the regular audits.
9) IPS/IDS should be in place in case of an internet firewall.
10) Update the patches whenever to match with the latest standards and well protected as required for your network.
11) Keep the management access very specific, i.e. it should be on a separate interface or in a well-protected zone.
We can keep on adding like this...... when we talk about hardening
By
Karthik
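
An added example, not part of the post above: a small audit script that checks a firewall configuration against points 7 (no "any any" rules), 8 (syslog available) and 11 (management access kept specific). It assumes Cisco ASA-style syntax, which the post does not name; the interface names, ACL names and addresses in the sample are constructed.

```python
import re

# Constructed sample in Cisco ASA-style syntax (an assumption; the post names no platform).
SAMPLE_CONFIG = """\
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq 443
access-list OUTSIDE_IN extended permit ip any any
access-list INSIDE_OUT extended permit tcp 10.1.0.0 255.255.0.0 any eq 443
ssh 0.0.0.0 0.0.0.0 outside
ssh 10.1.99.0 255.255.255.0 mgmt
http 10.1.99.0 255.255.255.0 mgmt
logging enable
"""

ACL_RE = re.compile(r"^access-list\s+(\S+)\s+extended\s+permit\s+(\S+)\s+(.+)$")
MGMT_RE = re.compile(r"^(ssh|telnet|http)\s+([\d.]+)\s+([\d.]+)\s+(\S+)$")
ANY = {"any", "any4", "any6"}


def audit(config, untrusted=("outside",)):
    """Return (line_no, checklist_point, message) findings; line_no 0 = whole config."""
    findings, has_syslog_host = [], False
    for no, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if line.startswith("logging host "):
            has_syslog_host = True
            continue
        acl = ACL_RE.match(line)
        if acl:
            name, proto, rest = acl.groups()
            # Source and destination follow the protocol; both "any" is point 7.
            if len(rest.split()) >= 2 and set(rest.split()[:2]) <= ANY:
                findings.append((no, 7, f"{name}: permit {proto} any any"))
            continue
        mgmt = MGMT_RE.match(line)
        if mgmt:
            svc, _net, mask, iface = mgmt.groups()
            # Point 11: management reachable from an untrusted interface or any source.
            if iface in untrusted or mask == "0.0.0.0":
                findings.append((no, 11, f"{svc} management open on {iface}"))
    if not has_syslog_host:
        findings.append((0, 8, "no 'logging host' configured"))  # point 8
    return findings


if __name__ == "__main__":
    for no, point, msg in audit(SAMPLE_CONFIG):
        print(f"line {no}: point {point}: {msg}")
```

Pass the names of your own untrusted interfaces in `untrusted` if they differ from `outside`.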