MFA for firebox authentication?

Hello:

I have tried everything to secure my firebox from degregation of service, including blocking out all access from any point by changing the IP to something not in the internal network so no one could log into the portal or box.

Is there a MFA or something, as no matter what I do, after a while the service degrades as it seems that hackers get the best of it.

Regards,

  • Mike

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @rarenet1976

    We do offer MFA via Authpoint, but this is not done via Firebox-DB. The user database would be in the cloud, manged via your watchguard.com account.

    If you're referring to the WebUI for the firewall, the WatchGuard WebUI rule can be changed to only allow access via certain PCs or networks vice any-trusted. External access is not allowed by default.

    Are you trying to protect the firewall's admin interface via MFA or something else, like VPN?

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • Please explain the degregation of service that you are seeing.

    Also, what firewall model do you have and what XTM version is it running?

  • Hi Mike

    If you need remote access to manage your firebox, aside from locking it down to specific trusted public IPs; one method would be to configure SSLVPN if you haven't already, and lock it down to the subnet used by that (192.168.113.0/24 by default), as well as trusted internal networks/addresses.

    As Bruce says - when you say hackers are getting the best of it - what exactly do you mean? They're gaining entry for management/administration of the Firebox, or performing a Denial of Service attack on it etc.?

    Cheers, James

    All Fireboxes (T-Series, M-Series, FireboxV, Firebox Cloud etc.); EPDR, Advanced EPDR/Cytomic, Orion (Threat Hunting); WiFi, AuthPoint. WSC/Cloud. Management of a few hundred Fireboxes, and a few thousand EPDR endpoints. Platinum Partner. Views my own (if any!).

Sign In to comment.