How do I harden my CP firewall? I have all sorts of ports open that I do not want open and I'm failing scan test. I have UDP port 500 open, some other port of 18264, 264, and worse of all I'm unable to turn off SSL externally and it is supports TLS.1.0.
I have worked with my other firewall and never had an issue like this. I had about 50 ports open, and their tac had me make a stealth rule. This stealth rule blocked a lot of ports, but this CP still has open ports.
I have never had this issue on my SRX, Palo, Fortinet or ScreenOS, I more of a CLI Jockey, CP and the way they do things are very counter-intuitive to me.
No comments:
Post a Comment