Load Balancer Security Checklist for Security Auditors [Updated 2022]
A Load Balancer is a network device that distributes network traffic across different servers in the data center. Refer to this article for a brief overview of the Load Balancer device. Organizations generally hire external security auditors for the security assessment of network devices, but the Load Balancer is often left out because no specific guidelines are available for it. Below is a security checklist that auditors can use to assess load balancer devices. It is generic and applies to any load balancer; auditors may also use OEM-specific best practices to audit network devices.
1. Review the network architecture document - ensure the load balancer is correctly placed on the network diagram with proper cabling. Also check that the load balancer can be accessed only by authorized users on the corporate network.
2. Check for default credentials - the default username and password must be changed at first login.
3. Check that the authentication mechanism uses strong cryptographic protocols.
4. The idle session timeout should be less than 5 minutes. This value should be documented in the network policy.
5. Check the password policy - ensure the password length and complexity requirements are high.
6. Check that simultaneous logins of admin accounts are not allowed.
7. Check for authentication logs - both successes and failures.
8. Check that logs do not contain sensitive data such as usernames and passwords.
9. Check that a warning banner is displayed before CLI access is granted.
10. Check that the load balancer's time is synchronized - an NTP server should be configured.
11. Check for a consistent, controlled system for managing the load balancers.
12. Review the backup plan and ensure it covers all risks to the firewall devices.
13. Review the restore and continuity plan.
14. Check whether the administrator reviews the logs.
15. Check for security patches and updates.
16. Check for a redundant power supply.
17. Check for open ports that are not required, using port scanner tools (e.g. nmap).
18. Check whether logs and security events are sent to the log server. Ensure only authorized users can access the log servers.
19. Check for redundant users - remove users who have left the organization or moved to another team.
20. Check previous assessment reports of the load balancer, if available. They sometimes list vulnerabilities that may still be open at the time of the audit.
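Several of the items above (4, 5, 6, 10, 17, 18 and 19) are configuration facts that an auditor can record once and score mechanically. The following Python script is an added example, not code from the article: it assumes the auditor fills in a small dict of settings from the management UI (a made-up structure, not any vendor's export format) and supplies the greppable output of an nmap scan (`-oG`, a real nmap format) of the management and VIP addresses. The password-length threshold of 12 is an assumption, since the checklist gives no number; the sample config and scan line are constructed for a fictional device.

```python
"""Added audit helper (not from the article): scores a few checklist items
against a recorded config summary plus an nmap greppable (-oG) scan."""
import re
from dataclasses import dataclass

# Assumption: the checklist gives no number for password length, so 12 is a
# threshold chosen for this example, not a figure from the article.
MIN_PASSWORD_LENGTH = 12
MAX_IDLE_SECONDS = 5 * 60          # item 4: idle session time under 5 minutes


@dataclass
class Finding:
    item: int        # checklist item number this finding relates to
    passed: bool
    detail: str


# Constructed sample config summary (a made-up structure the auditor fills in
# from the management UI; not any vendor's export format).
SAMPLE_CONFIG = {
    "idle_timeout_seconds": 900,
    "ntp_servers": [],
    "syslog_servers": ["10.0.0.50"],
    "password_min_length": 8,
    "password_complexity": False,
    "concurrent_admin_sessions": True,
    "admin_accounts": ["admin", "jdoe", "former.employee"],
    "expected_open_ports": {22, 443},   # management SSH and the HTTPS VIP
}

# Constructed nmap -oG line for a fictional host (the format itself is real).
SAMPLE_NMAP_OG = (
    "Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
    "443/open/tcp//https///, 8080/open/tcp//http-proxy///\tIgnored State: closed (996)\n"
)


def open_ports_from_grepable(text: str) -> set[int]:
    """Return the set of ports reported 'open' in nmap greppable output."""
    ports: set[int] = set()
    for line in text.splitlines():
        match = re.search(r"Ports: (.*?)(?:\t|$)", line)
        if not match:
            continue
        for entry in match.group(1).split(","):
            fields = entry.strip().split("/")   # port/state/proto/owner/service/...
            if len(fields) >= 2 and fields[1] == "open":
                ports.add(int(fields[0]))
    return ports


def audit(config: dict, nmap_grepable: str, departed_users: set[str]) -> list[Finding]:
    """Evaluate checklist items 4, 5, 6, 10, 17, 18 and 19 from the inputs."""
    findings = []

    idle = config["idle_timeout_seconds"]
    findings.append(Finding(4, idle < MAX_IDLE_SECONDS, f"idle timeout is {idle}s"))

    strong = (config["password_min_length"] >= MIN_PASSWORD_LENGTH
              and config["password_complexity"])
    findings.append(Finding(5, strong,
                            f"min length {config['password_min_length']}, "
                            f"complexity {'on' if config['password_complexity'] else 'off'}"))

    concurrent = config["concurrent_admin_sessions"]
    findings.append(Finding(6, not concurrent,
                            "simultaneous admin sessions " + ("allowed" if concurrent else "blocked")))

    findings.append(Finding(10, bool(config["ntp_servers"]),
                            f"NTP servers: {config['ntp_servers'] or 'none'}"))

    # Item 17: anything open beyond the documented services needs a justification.
    unexpected = open_ports_from_grepable(nmap_grepable) - config["expected_open_ports"]
    findings.append(Finding(17, not unexpected,
                            f"unexpected open ports: {sorted(unexpected) or 'none'}"))

    findings.append(Finding(18, bool(config["syslog_servers"]),
                            f"remote log servers: {config['syslog_servers'] or 'none'}"))

    # Item 19: compare admin accounts with the HR leavers/movers list.
    stale = set(config["admin_accounts"]) & departed_users
    findings.append(Finding(19, not stale,
                            f"accounts belonging to departed users: {sorted(stale) or 'none'}"))
    return findings


def failed_items(findings: list[Finding]) -> set[int]:
    """Checklist item numbers that did not pass."""
    return {f.item for f in findings if not f.passed}


if __name__ == "__main__":
    for f in audit(SAMPLE_CONFIG, SAMPLE_NMAP_OG, {"former.employee"}):
        print(f"item {f.item:>2}: {'PASS' if f.passed else 'FAIL'} - {f.detail}")
```

With the constructed sample, only items 18 (remote logging) and the port allowlist's expected services pass cleanly; the script flags the 15-minute idle timeout, the weak password policy, concurrent admin sessions, the missing NTP server, the unexpected ports 80 and 8080, and the departed user's account. Each `Finding` carries the checklist item number so the output maps straight back onto the audit report.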
This article lists a security checklist that you can use for assessing a load balancer. It gives auditors a clear idea of what should be checked and what need not be. Auditors can also refer to the security best practices released by different OEMs.