When authorized users need to access a resource on the private subnet, they must first use their SSH keys to establish a connection with the bastion host. ACLs, allowlists, and other network-level access controls limit access from the bastion to its protected subnets. The bastion only accepts SSH connections from a limited range of IP addresses in the IT department. The bastion host resides on its own subnet with an IP address that is accessible from the public internet.
Everything that does not serve the bastion host’s single purpose as an SSH proxy gets disabled or deleted. Administrators strip the bastion of all unnecessary applications, ports, processes, user accounts, and protocols. The bastion runs as a locked-down, single-purpose system - in this case, an SSH proxy server. Instead, a bastion host is used as a bridge between the public internet and the private subnet. But the security implications make that approach too risky. Exposing a port in each instance to the public internet would give administrators the access they need. To understand how a bastion host works, we will look at a simple scenario in which a company’s administrators need access to Linux instances connected on a subnet within a virtual private cloud. Revoking the former employee’s access to the bastion cuts them off from everything else. When an employee leaves, administrators do not need to revoke access to each private network and subnet. With all external traffic channeled through the bastion, administrators can focus their security efforts on protecting a single asset.Īt the same time, user management becomes simpler.
The internal network can be configured to block all internet-bound traffic and only allow SSH communications with the bastion host. Remote administrators sign into the bastion and then sign into the subnet or resource they need to maintain.īastions simplify security administration. In this scenario, the bastion’s sole purpose is to provide SSH proxy services. Network administrators often use bastion hosts to remotely manage networked assets. At the same time, they may provide authorized users access to certain internal resources. These systems face the internet, so they need to be on the public side of a firewall or DMZ. Technically, any single-purpose server providing access control could be a bastion host. Access control becomes easier to manage while minimizing the potential attack surface. Placed outside the firewall or within a DMZ, the bastion host becomes the only ingress path to those internal resources. What is a bastion host?Ī bastion host is a dedicated server that lets authorized users access a private network from an external network such as the internet. We will also explain how bastions - especially those providing SSH proxy services - create new security risks.
In this article, we will introduce the bastion host concept, why companies use it, and how bastions work. As with VPN and RDP, however, the bastion host is an old remote access technology that does not work well in today’s decentralized computing environment. Commonly used as SSH proxy servers to support system administration, bastions provide a convenient, securable path through a protected network perimeter. Bastion hosts provide remote access to private networks from an external network.
0 kommentar(er)
