Networking / Beginners

Remote firewall administration

Firewalls are the first line of defense visible to an attacker. By design, firewalls are generally difficult to attack directly, causing attackers to often target the administrative accounts on a firewall. The username/password of administrative accounts must be strongly protected.

The most secure method of protecting against this form of attack is to have strong physical security around the firewall host and to allow firewall administration only from an attached terminal. However, operational concerns often dictate that some form of remote access for firewall administration be supported. In no case should remote access to the firewall be supported over untrusted networks without some form of strong authentication. In addition, to prevent eavesdropping, session encryption should be used for remote firewall connections.

Low

Any remote access over untrusted networks to the firewall for administration should use strong authentication. This would consist of one-time passwords and/or hardware tokens.

Medium

The preferred method for firewall administration is directly from the attached terminal. Physical access to the firewall terminal is limited to the firewall administrator and backup administrator.

Tip When remote access for firewall administration must be allowed, it should be limited to access from other hosts on the organization's internal network. Such internal remote access requires the use of strong authentication, such as one-time passwords and/or hardware tokens. Remote access over untrusted networks such as the Internet requires end-to-end encryption, such as VPN tunneling, as well as strong authentication.

High

All firewall administration must be performed from the local terminal. No access to the firewall operating software should be permitted via remote access. Physical access to the firewall terminal should be limited to the firewall and backup administrators.

User accounts

Firewalls should never be used as general-purpose servers. The only user accounts on the firewall should be those of the firewall administrator and any backup administrators. In addition, only these administrators should have privileges for updating system executables or other system software.

Tip Only the firewall and backup administrators should be given user accounts on the organization firewall. Any modification of the firewall system software must be done by the firewall administrator or backup administrator and requires approval of the network services manager.

[Previous] [Contents] [Next]

In this tutorial:

  1. Firewall Security Policy
  2. Firewall protection
  3. Firewall architectures
  4. Multi-homed host
  5. Screened host
  6. Screened subnet
  7. Types of firewalls
  8. Packet-filtering gateways
  9. Application gateways
  10. Hybrid or complex gateways
  11. Routing versus forwarding
  12. IP spoofing
  13. DNS and mail resolution
  14. Intranet
  15. Network trust relationships
  16. Virtual private networks
  17. Qualification of the firewall administrator
  18. Remote firewall administration
  19. Firewall backup
  20. System integrity
  21. Physical firewall security
  22. Firewall incident handling
  23. Upgrading the firewall
  24. Revision/update of firewall policy
  25. Examples of service-specific policies