Firewall bloopers by cloud computing administrators

Cloud computing has gained eminence for organizations by offering significant capacity and agility increment, with reduced costs.  But still bloopers on part of administrators on configuration and usage of firewalls, leaves lot to achieve for better ROI and TCO for cloud computing resources.


Few blunders are enlisted


Plethora of firewall rules

During implementation of cloud computing solution, companies start with just a few rules in firewall or in the Amazon Security Groups by with further changes and updates especially when the system goes live, the list of rules and policy exceptions grows and increasing complexity for any further changes.


Hence, limit the number of rules in firewall or security group maximum to fifteen for ease in administration, lessens complexity and prevent future accidents.

The 0.0.0.0/0 threat

Usually a firewall rule which opens a port to 0.0.0.0/0, also opens the service for access by public Internet. This not only difficult to detect but also makes system more vulnerable. Hence, check for any such rules.

Apply authorisation in rules management

Every user of the cloud computing system whether a developer or other end user should not have access to rule configuration and hence, only administrator should be able to configure security groups.

 

Configure ELB for Web traffic only

Companies, who are utilizing ELB (Elastic Load Balancer) under the AWS (Amazon Web Service) deployment, should configure it to allow only web traffic (HTTP and HTTPS) so as to reduce exposure.

These steps will go a long way in using cloud computing in not only effective and efficient manner but also add a layer of security to cloud service deployments in the organization.