
Remove public IPs from machines where not explicitly needed

Open liquidat opened this issue 6 years ago • 0 comments

SUMMARY

In the security workshop each instance has a public IP address. But that is only needed for the machines where direct user interaction is required:

  • Windows workstations (RDP/http)
  • Ansible control host (SSH)
  • QRadar (http)

Public IPs are not needed for the following machines:

  • Check Point MGMT server (configuration done from Windows server or via http access from control host)
  • Check Point GW (managed via CP mgmt, traffic via special 172.17. network)
  • Attacker (Ansible via SSH from control host)
  • Snort (Ansible via SSH from control host)

ISSUE TYPE

  • Feature Idea

COMPONENT NAME

  • provisioner

ADDITIONAL INFORMATION

This improves the demo experience (less weird log entries in the firewall log due to no random outside traffic) and security (less points to access all from the outside).

Must be tested properly, of course.

liquidat, Sep 22 '19 00:09