Hardware and software firewall
Hello,
In a web server, you have opened ports 80 and 443 through the hardware firewall and closed the rest of the ports. Do you need to do the same with the Linux firewall (iptables)? Thank you. |
I think so.
|
If you have a hardware firewall and you know that it is configured properly and always turned on, you don't need anything more.
|
I was thinking the OP was asking about his server. I'd assume it may have firewall on by default?
|
I would be guided by the old saying, "You can't be too careful."
In other words, I'd configure both hardware and software firewalls, just in case the hardware firewall got breached or malfunctioned in some way. Just my two cents. |
I was going to say NO, until I Googled.
Quote:
|
Nowadays zero trust is the preferred approach. No matter how many firewalls are protecting your system you must configure it as if it is facing the internet, anything else in considered slack and insecure. Hardware firewalls are getting owned all the time https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cisco
|
Quote:
Thank you so much for your reply. How do you set up zero trust in Linux? |
Zero trust is not a switch or a parameter - it is a philosophy, you must tighten up everything as far as it goes. https://en.wikipedia.org/wiki/Zero_trust_security_model
|
Hello,
Thank you so much for all replies. |
All times are GMT -5. The time now is 08:08 PM. |