Servers power the data we process in today's modern workforce and it doesn't matter if it's a traditional on-premise server or the latest cloud hosted server. It's storing, processing, and providing access to the applications, data, and services you need for your business to run.

CIS Safeguard 4.4 requires you to implement and manage a virtual, operating system, or a third-party firewall agent on every server (where supported).

First, I believe the where supported should be taken out of the requirement because every modern supported server or cloud based service has the capability of running a firewall agent or service to protect it. So there is no excuse not to keep that firewall running.

I have seen the well my network is a walled garden and is secured by the network firewall, so my servers don't need the firewall running. This also is the wrong approach as you want to create a number of walls within your network so if the initial wall is breached you still have safeguards in place that can protect and secure your data. That's the importance of enabling the firewall on servers.

So to check off CIS Safeguard 4.4 you need to revert to your server inventory (1.1) and ensure each server has a firewall enabled. You want to have a tool or service that monitors the server configuration and can alert you if and when the firewall is disabled.

It doesn't matter if you're running Microsoft Windows Server, Linux, or UNIX servers. Turn the #Firewall on.

Just having the firewall on may be enough to mark the checkbox, but the safeguard requires you to manage the firewall as well. You want to ensure you are using least privilege or zero trust models and ensure only those who need access have access. Check and validate what ports, what permissions, and who has and ultimately why or why not does it have access.

Talk to your peers and look at your vendors to help establish the best practice settings should be for the server firewall and document it.

I want to personally thank you for following along and if you learned something new or found this content to be valuable please like and share. Since I have started this journey I am seeing more education around CIS Security and its framework throughout the industry.