What are you sysadmins doing to make sure that your ability to remote admin a firewall is the safest it can be? What is the safest setup you have, short of only using the console connection and having to physically touch the firewall?
Having a separate (i.e. isolated from production) management network is generally a good starting point - put the firewall management port on that and disable in-band management from the production interfaces if at all possible. Other than that, if your firewall hardware has something similar to DRAC/iLO/RSA, then enable that and put that on an independent management network too. Also apply suitable paranoia in terms of account lifecycle management, and enforce strong authentication and access rights. And if someone isn't actively managing it, i.e. monitoring the access on it, keeping it fully patched and auditing the rules, then you're wasting your time.
The safest I've ever seen simply adds layers - apply the above to two (or more) independent firewalls and keep the teams managing them apart, including limiting physical access. It costs a lot to run something at that level of paranoia though, and it would be a waste of resources that could be usefully used more productively elsewhere for most organisations.
Enable configuration logging, that way you can see what's changed. Use the most secure password setup / user accounting you can.
Use secure passwords, SSH not telnet, etc. Lock down access to within a known IP range. Keep regular backups of your configuration in a source control repository. Don't forget physical rack security too.
We'd generally have management done only from the internal network, from a specific management machine, and force users to connect through several machines to get to this.
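An added example, not code from any of the answers above: a small audit that applies three of the checks the answers recommend (no cleartext protocols, no in-band management on production interfaces, sources limited to a known range) to an exported list of admin-access rules. The management subnet, interface names and the rule format are assumptions made up for the illustration.

```python
import ipaddress

# Assumptions (constructed for this example, not from the thread):
# the management subnet, the interface names and the rule tuple format.
MGMT_NETS = [ipaddress.ip_network("10.99.0.0/24")]
MGMT_INTERFACES = {"mgmt0"}
CLEARTEXT = {"telnet", "http"}

# Constructed sample: (interface, admin service, permitted source range)
SAMPLE_RULES = [
    ("mgmt0", "ssh", "10.99.0.16/28"),     # fine: SSH from inside the mgmt range
    ("mgmt0", "telnet", "10.99.0.0/24"),   # cleartext admin protocol
    ("wan1", "https", "0.0.0.0/0"),        # in-band and open to any source
    ("lan1", "ssh", "192.168.10.0/24"),    # in-band from a production LAN
    ("mgmt0", "https", "10.99.0.0/16"),    # wider than the mgmt range
]

def audit(rules, mgmt_nets=MGMT_NETS, mgmt_ifaces=MGMT_INTERFACES):
    """Return (rule_index, finding) pairs for rules that break the policy."""
    findings = []
    for n, (iface, service, source) in enumerate(rules):
        src = ipaddress.ip_network(source, strict=False)
        if service in CLEARTEXT:
            findings.append((n, "cleartext-protocol"))
        if iface not in mgmt_ifaces:
            findings.append((n, "in-band-management"))
        # The source must sit entirely inside a permitted range; a wider
        # range that merely contains the management subnet does not pass.
        inside = any(
            src.version == net.version and src.subnet_of(net)
            for net in mgmt_nets
        )
        if not inside:
            findings.append((n, "source-outside-mgmt-range"))
    return findings

if __name__ == "__main__":
    for index, finding in audit(SAMPLE_RULES):
        iface, service, source = SAMPLE_RULES[index]
        print(f"rule {index} ({iface} {service} from {source}): {finding}")
```

Running a check like this against each configuration backup before it is committed gives the rule audit a repeatable form.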