Home > Ask the Security Experts > Questions & Answers > The risk of allowing UDP traffic through a layered firewall architecture
Ask The Security Expert: Questions & Answers
EMAIL THIS

The risk of allowing UDP traffic through a layered firewall architecture

Stephen Mencik EXPERT RESPONSE FROM: Stephen Mencik

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 15 April 2002
We have a layered firewall architecture. Would it be safe to allow UDP traffic through the second layer of firewalls? Meaning the components in the first layer (Internet facing) require UDP communications with devices in our second tier and possibly to our internal network. With defensive measures in place, is it safe to allow this type traffic?

>

If you have blocked all UDP traffic from the outside, then you are safe from that UDP traffic. Allowing UDP traffic from the first layer nodes to the second layer, and perhaps to the inside network, does allow for malicious insiders to exploit the same UDP vulnerabilities you are protecting against from the outside. If this is an acceptable risk, then yes, it is "safe" to allow that type of traffic. If you are concerned about the insider risk, then no, it is not safe.

In general, you should deny all traffic and only allow that traffic that is needed. If you need specific UDP ports to be opened in the second tier for your setup to work, then only open those specific ports. There is no need to open them all, if only certain ones are needed.

What you need to do is balance the risk of allowing those communications with the operational need to have them. If the risk is considered to be low enough by someone with the authority to make that decision, then go ahead. What you really have is what is known as an Accreditation decision.

For more information on this topic, visit these other SearchSecurity resources:
Ask the Expert: Determining which TCP/IP services are needed
Ask the Expert: Explanation of ports

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts