Hey everyone! I'm trying to figure out the best way to test if my firewall settings are correctly allowing or blocking communication between two systems, especially with the complexity of API Gateways and zero-trust security models. Coming from a development background, I think it might be useful to set up some integration tests that could monitor firewall configurations. My main concern is ensuring that access that's supposed to be blocked isn't inadvertently opened due to misconfigurations. I work in a mixed environment of Windows and Linux, but primarily use Windows. Has anyone else tackled this challenge? I'd love to hear how you approached it!
2 Answers
You can monitor layer 3 and 7 connectivity for your systems if you have any agent-based monitoring set up. Just make sure your monitoring tool can alert you if those checks fail.
Just to expand on the previous suggestion, if you don't have monitoring in place, consider deploying a tool like Zabbix. Spin up a server, install Zabbix, and have agents on your production machines. You can set up checks like ICMP pings and HTTP GET requests to see if the connections are working as they should. This way, if something opens up that should remain closed, you'll get alerted right away! And you can also keep an eye on your server resources to catch issues like low RAM or disk space before they impact your workflow!
Thanks for the detailed breakdown! I definitely want to avoid surprises when it comes to monitoring. I'll look into setting up Zabbix soon.
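The integration-test idea from the question, written as an added example that is not part of any post in this thread: a Python check (it runs on both Windows and Linux) that treats the firewall policy as a table of expected-allow and expected-block paths and reports any path whose observed state contradicts it. The names `probe`, `check_policy`, `demo` and the policy rows are assumptions made for illustration; the demo uses constructed loopback sockets so it runs offline.

```python
import socket

def probe(host, port, timeout=2.0):
    """Classify one TCP connect attempt as 'open', 'refused' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"    # RST received: reject rule or no listener
    except OSError:
        return "filtered"   # timeout, unreachable or DNS failure: typical of a drop rule

def check_policy(policy, timeout=2.0):
    """policy rows: (name, host, port, expect), where expect is 'allow' or 'block'.
    Returns the rows whose observed state contradicts the expectation."""
    violations = []
    for name, host, port, expect in policy:
        state = probe(host, port, timeout)
        if (expect == "allow") != (state == "open"):
            violations.append((name, expect, state))
    return violations

def demo():
    """Constructed, offline scenario: a loopback listener stands in for a reachable
    service, and a just-released port stands in for a blocked one."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    open_port = listener.getsockname()[1]
    tmp = socket.socket()
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()
    policy = [  # hypothetical rule names
        ("api-allowed", "127.0.0.1", open_port, "allow"),
        ("db-blocked", "127.0.0.1", closed_port, "block"),
        ("admin-should-be-blocked", "127.0.0.1", open_port, "block"),  # simulated misconfiguration
    ]
    try:
        return check_policy(policy, timeout=1.0)
    finally:
        listener.close()

if __name__ == "__main__":
    for name, expect, state in demo():
        print(f"VIOLATION {name}: expected {expect}, observed {state}")
```

A result only describes the path from the machine that runs the check, so run it from each source system whose access a rule is meant to govern.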