Security is the biggest concern for customers of cloud, virtual, and dedicated servers. On the front lines of the defense against digital attacks is the firewall which makes it the most vulnerable. Customers often leave administrative ports like SSH open in order to log in remotely to their servers. This poses a huge threat as hackers can use brute force tactics to crack the username and password, gaining access to sensitive business data.
When you deploy a dedicated server, it’s critical to consider how you manage the firewall to secure access. Managing the OS level firewall manually can be a complex and tedious task. What’s more, closing ports used to access your servers can lock yourself out just as easily as it can safeguard your machine.
Closing the Barn Door with Firewall Management
One approach to this problem is a firewall management service. Firewall management services let you remotely manage firewall policy without fear of administrator lockouts. They enable you to configure your firewall policies more easily and effectively through GUI-driven group-based rules and automated workflows to ensure a balance between accessibility and security.
Firewall management services enable you to:
Firewall management services offer the key innovation of automation — dynamically generated, time-based access to whatever service you specify. This lets you close all service ports by default, but open them on-demand. Ports are opened for authorized users only. Once the ports are opened via policy a time limit is placed on the port. When the timer for the port runs out, the firewall management service will dynamically close the port, making sure that there are no vulnerabilities that hackers can exploit due to a port left open.
With a firewall management service, your dedicated servers are practically invisible to attackers. Any remote scan of commonly used administrative ports will fail to yield a reply, since the port is closed. What’s more, since the firewall management service uses the operating systems own firewalls by default, the impact on any machine are minimal.
You can learn more about managing firewall risks in this free study by the Ponemon Institute.
About the Author
Dave Meizlik is the Vice President of Marketing & Business Development for Dome9 Security. Dome9 is the leader in cloud security firewall management. Its service automates and centralizes cloud firewall management.