Kemp Technologies Blogs

Kemp Security Series 2020 – Part 0: LoadMaster Security

David O'Connor | Posted on | Cloud | Load Balancer

Progress® Kemp® LoadMaster® is an industry leading, award winning load balancer with the most flexible multi-cloud deployment options, subscription and pooled licensing, customers can easily augment or replace existing load balancers from any provider… which is fantastic, but did you know about our security posture?

Kemp LoadMaster

The Kemp LoadMaster is built on an optimized Linux Operating System (OS). The optimizations are focussed on capabilities in Layer 7 handling for applications and firewall appropriate features. By this, I mean that by default all ports are closed, as you configure your specific applications (and associated protocols), you enable only the specific ports that are required to enable that application. Protection for DOS attacks like slow loris, IP management (Access Control Lists) and Packet Routing Filters are natively built into the OS. All unnecessary services and applications are removed.

User Authentication

The LoadMaster OS user authentication is tightly controlled. Kemp provides the ability for system administrators to customize the security posture or further tighten policies regarding whom can access the LoadMaster.

Logging the correct data in the logs and monitoring those logs closely is vital for a sound security posture. The LoadMaster OS provides detailed system logging to alert suspicious activities, track user activities and assist in post-event investigations.

Also, included in the LoadMaster OS is Intrusion Prevention / Intrusion Detection Systems (IPS/IDS) running Snort rules to add an extra layer of security.

Tried and Tested

We regularly submits the LoadMaster for penetration testing from industry-leading security auditors. The LoadMaster SSL/TLS implementation is also kept up to date with current industry best practice and tested against sites such as Qualys SSL Labs. The results of these tests can be made available to interested customers. This continuous testing ensures that in addition to the proven success of the LoadMaster in our 100,000 global application deployments in public, private and closed networks, it has been thoroughly vetted by known industry security leaders.

We would advise all key administrators to subscribe to https://community.progress.com/s/products/loadmaster to receive announcements for detailed updates.

Security Series

The remaining blogs in this series focus of the following security aspects of the Kemp Technologies LoadMaster including:

  • Application security with the Kemp Technologies Web Application Firewall (WAF)
  • SSL / TLS security
  • Identity Access with the Kemp Technologies Edge Security Pack (ESP)
  • SIEM Log Analysis with the Kemp Technologies logging capabilities

Contact us today to discuss all your application delivery and security needs.

Read the rest of the Kemp Security Series 2020

Part 0: LoadMaster Security Part 1: Application Security Part 2: SSL/TLS Security Part 3: Identity AccessPart 4: LoadMaster and SIEM Log Analysis

Additional Information

Trustwave 2019 Global Security Report Verizon 2019 Data Breach Investigations Report

Tags