06-26-2008 01:31 AM - edited 03-11-2019 06:05 AM
Does anyone have any good resources or articles on hardening an ASA?
General stuff will do and I will make it more specific as I go.
Thanks.
06-28-2008 07:12 AM
Hi,
Here are few I can think of now -
1. Remove telnet access , use only SSH (preferable v2 and with SSH timeout set)
2. Allow only specific users/nw to SSH to the ASA box and preferable only from the Inside interface.
3. Create local users on the ASA with different priveleges or using a AAA server.
4. Logging should be enabled and also set a syslog server IP where the logs can be exported.
5. Review the access-lists and the NAT configuration, remove the unwanted ones.
06-28-2008 07:11 PM
Michael,
Here is a prety good article on firewalling best practices in general, just wait few seconds for the article to load.
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci838230,00.html
Rgds
-Jorge
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: