Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 909 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

protecting the SSL service

andy.l
Hi
Currently considering enabling and using the builtin ssl remote access function within my firewall, but do I have to take measures to securing the UTM or is this "safe by default". By using the SSL VPN functionality I basically are exposing https on the firewall. Couldn´t this be uses as a jumping point for penetrating my network?
Any thoughts about this would be highly appreciated.

/Andy


This thread was automatically locked due to age.
Parents
  • 0
    SSL VPN service is a safe service. Yes it requires 1 open port of course. The openssl product is widely used and if any vulnerabilities are found they will be fixed quickly.

    By enabling SSL vpn you are only opening this one port that is configured to be used (not necessarily 443). Every other port is still closed unless you specifically open it in the firewall.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Reply
  • 0
    SSL VPN service is a safe service. Yes it requires 1 open port of course. The openssl product is widely used and if any vulnerabilities are found they will be fixed quickly.

    By enabling SSL vpn you are only opening this one port that is configured to be used (not necessarily 443). Every other port is still closed unless you specifically open it in the firewall.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML