Hi all,
We're looking forward to implementing a monitoring solution with CheckMK for our customers' production machines. The monitoring server will be on a cloud machine and it will need to access the customers' machines through the CheckMK TCP port and SNMP. We're thinking about a NAT rule with an IP filter on Sophos XG allowing only the cloud server IP to go through. Will it be enough? Should we be worried about possible exploits (IP spoofing, man in the middle, etc.)?
Thinking also about VPNs but this will require a VPN for each customer.
Kind Regards
Using the source IP from a vendor is always a good start. It is not bulletproof, but nothing is bulletproof in IT nowadays, but it will decrease the likelihood of exposure.
IP spoofing in WAN or a MITM attack from WAN is something hard to do, as it is protected by the ISP.
The only factor would be a supply chain attack. https://en.wikipedia.org/wiki/Supply_chain_attack
To protect this traffic coming from the vendor via VPN, you would have to rely on them having an open VPN to you. This increases the management effort, but decreases the security concerns.
BTW: Depending on the protocols this vendor is using, it might not be encrypted, meaning everybody in the WAN can read it. This is a legit question to ask the vendor.
__________________________________________________________________________________________________________________
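Following up on the point in the reply above that some monitoring protocols are not encrypted: this is an added example, not part of the original thread, that reads the SNMP version and, for SNMPv3, the msgFlags byte from UDP payloads to tell whether the polling traffic is readable on the path. The sample packets are constructed and the function names are hypothetical.

```python
"""Classify SNMP UDP payloads by whether a reader on the path could see their contents."""

def _tlv(buf, pos):
    """Read one BER element at pos; return (tag, value_start, value_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                        # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, pos, pos + length

def classify_snmp(payload):
    """Return a one-line verdict for a single SNMP message."""
    try:
        tag, pos, _ = _tlv(payload, 0)       # outer SEQUENCE
        tag2, vs, ve = _tlv(payload, pos)    # version INTEGER
        if tag != 0x30 or tag2 != 0x02:
            return "not SNMP"
        version = int.from_bytes(payload[vs:ve], "big")
        if version in (0, 1):
            _, cs, ce = _tlv(payload, ve)    # community OCTET STRING, sent in the clear
            name = "SNMPv1" if version == 0 else "SNMPv2c"
            return f"{name}: cleartext, community {payload[cs:ce]!r} readable on the wire"
        if version != 3:
            return "not SNMP"
        _, pos, _ = _tlv(payload, ve)        # msgGlobalData SEQUENCE
        for _skip in range(2):               # skip msgID and msgMaxSize
            _, _, pos = _tlv(payload, pos)
        _, fs, _ = _tlv(payload, pos)        # msgFlags, one byte
        flags = payload[fs]
    except (IndexError, ValueError):
        return "not SNMP"
    if flags & 0x02:                         # privFlag
        return "SNMPv3 authPriv: authenticated and encrypted"
    if flags & 0x01:                         # authFlag only
        return "SNMPv3 authNoPriv: authenticated, payload still cleartext"
    return "SNMPv3 noAuthNoPriv: cleartext"

# Constructed sample payloads (not captured from any real device).
V2C = bytes.fromhex("302602010104067075626c6963a01902040102030402010002010030"
                    "0b300906052b060102010500")
def v3_sample(flags):
    return bytes.fromhex("3018020103300d020101020205dc0401%02x020103040004020000" % flags)

if __name__ == "__main__":
    print(*map(classify_snmp, (V2C, v3_sample(0x01), v3_sample(0x03))), sep="\n")
```

Only the authPriv case keeps the polled data confidential without a VPN; the source-IP filter does not change what is readable in transit.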
Thank you very much, LuCar Toni, for your reply; it's really appreciated.