cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1060
Views
5
Helpful
2
Replies

ASA Firewall Hardening

mikedelafield
Level 1
Level 1

Does anyone have any good resources or articles on hardening an ASA?

General stuff will do and I will make it more specific as I go.

Thanks.

2 Replies 2

Hi,

Here are few I can think of now -

1. Remove telnet access , use only SSH (preferable v2 and with SSH timeout set)

2. Allow only specific users/nw to SSH to the ASA box and preferable only from the Inside interface.

3. Create local users on the ASA with different priveleges or using a AAA server.

4. Logging should be enabled and also set a syslog server IP where the logs can be exported.

5. Review the access-lists and the NAT configuration, remove the unwanted ones.

Michael,

Here is a prety good article on firewalling best practices in general, just wait few seconds for the article to load.

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci838230,00.html

Rgds

-Jorge

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: