Load Balancer Security Checklist for Security Auditors [Updated 2022]
A load balancer is a network device that distributes network traffic across different servers in the data center. Refer to this article for a brief overview of the load balancer device. Organizations generally hire external security auditors for the security assessment of network devices, but load balancers are often left out because no specific guidelines are available. Below is a security checklist that auditors can use to assess load balancer devices. It is a generic checklist that applies to any load balancer; auditors may additionally use OEM-specific best practices when auditing network devices.
1. Review the network architecture document. Ensure the load balancer is correctly placed on the network diagram with proper cabling. Also check that the load balancer can be accessed only by authorized users on the corporate network.
2. Check for default credentials. The username and password should be changed at first login.
3. Check the usage of strong cryptographic protocols in the authentication mechanism.
4. The idle session timeout should be less than 5 minutes. This value should be documented in the network policy.
5. Check the password policy. Ensure password length and complexity requirements are high.
6. Check that simultaneous logins of admin accounts are not allowed.
7. Check for authentication logs, both success and failure.
8. Check that logs do not contain sensitive data such as usernames and passwords.
9. Check that a warning banner is displayed before CLI access.
10. Check that the load balancer's time is synchronized: an NTP server should be configured.
11. Check for a consistent, controlled system for managing the load balancer.
12. Review the backup plan and ensure it covers all the firewall devices' risks.
13. Review the restore and continuity plan.
14. Check whether the administrator reviews the logs.
15. Check for security patches and updates.
16. Check for a redundant power supply.
17. Check for open ports that are not required, using port scanner tools (e.g. nmap).
18. Check whether logs and security events are sent to the log server. Ensure the log servers are accessible only by authorized users.
19. Check for redundant users: remove users who have left the organization or moved to another team.
20. Check previous assessment reports of the load balancer, if available. They sometimes list vulnerabilities that may still be open at the time of the audit.
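Several of the items above (management access restriction, default credentials, idle timeout, concurrent admin sessions, warning banner, NTP, unexpected open ports, log forwarding) can be checked automatically against a configuration export and a port-scan result. The script below is an added example, not code from the original article; the configuration keys and sample values are constructed and hypothetical, since real devices use vendor-specific export formats.

```python
"""Automated checks for several items on the load balancer audit checklist."""
import ipaddress

# Constructed sample snapshot of management settings (hypothetical keys,
# not any vendor's real format); each value is chosen to exercise a check.
SAMPLE_CONFIG = {
    "admin_users": [{"name": "admin", "password_changed": False},
                    {"name": "netops", "password_changed": True}],
    "idle_timeout_seconds": 900,
    "allow_concurrent_admin_sessions": True,
    "login_banner": "",
    "ntp_servers": [],
    "syslog_servers": ["10.0.5.20"],
    "mgmt_allowed_networks": ["0.0.0.0/0"],
}

# Management ports the audit expects to be open; anything else is a finding.
EXPECTED_MGMT_PORTS = {22, 443}
# Constructed port-scan result (e.g. parsed from nmap) for the management address.
SAMPLE_OPEN_PORTS = {22, 80, 443, 8080}


def audit_load_balancer(config, open_ports):
    """Return a sorted list of (checklist_item, message); empty means all checks passed."""
    findings = []
    for net in config.get("mgmt_allowed_networks", []):  # item 1: restrict management access
        if ipaddress.ip_network(net).prefixlen == 0:
            findings.append((1, f"management access allowed from any address ({net})"))
    for user in config.get("admin_users", []):  # item 2: default credentials
        if not user.get("password_changed"):
            findings.append((2, f"account '{user['name']}' still uses its initial password"))
    if config.get("idle_timeout_seconds", 0) > 300:  # item 4: idle timeout under 5 minutes
        findings.append((4, f"idle timeout is {config['idle_timeout_seconds']}s, limit is 300s"))
    if config.get("allow_concurrent_admin_sessions"):  # item 6: no simultaneous admin logins
        findings.append((6, "simultaneous admin logins are allowed"))
    if not config.get("login_banner"):  # item 9: warning banner before CLI access
        findings.append((9, "no warning banner configured for CLI access"))
    if not config.get("ntp_servers"):  # item 10: time synchronization
        findings.append((10, "no NTP server configured"))
    unexpected = sorted(set(open_ports) - EXPECTED_MGMT_PORTS)  # item 17: unneeded open ports
    if unexpected:
        findings.append((17, f"unexpected open ports: {unexpected}"))
    if not config.get("syslog_servers"):  # item 18: log forwarding to a log server
        findings.append((18, "logs are not forwarded to a log server"))
    return sorted(findings)


if __name__ == "__main__":
    for item, msg in audit_load_balancer(SAMPLE_CONFIG, SAMPLE_OPEN_PORTS):
        print(f"checklist item {item}: {msg}")
```

Running the sample produces seven findings (items 1, 2, 4, 6, 9, 10 and 17); only the log-forwarding check passes.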
This article lists the security checklist that you can use for assessing a load balancer. It gives auditors a clear idea of what should and should not be checked. Auditors can also refer to the security best practices released by different OEMs.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.