Linux – SELinux and iptables on a firewall / router

Tags: firewall, gateway, iptables, linux, scientific-linux

I've come to a point where I need to migrate to a new server. Though I'm aware of the SELinux advantages, is it necessary to keep SELinux enabled when the firewall / gateway is only meant to route the traffic to different destination hosts?

Users will not be logged in or store any data on the firewall. How important is the use of SELinux in this case?
Would it make the firewall more secure or is SELinux going to complicate things unnecessarily? Thanks in advance for your advice.

Best Answer

SELinux is a great component to have for security. There are a ton of benefits of configuring it for your servers, whether they are publicly facing or not. Firewalls do a great job on filtering out unwanted or malicious activity, but flaws in your security can still be leveraged by external exploits as well as internal flaws in configuration or buggy software.

While you could get away without SELinux on your firewall/router, it will limit the scope of breaches if someone were to break into your box. One of SELinux's design concepts was to confine services so that they cannot overstep their appropriate access - so even if someone acquired escalated privileges or broke down a layer of your security, they would not have complete access to your entire router or even entire internal network.

Here's a good, short explanation about SELinux. As for how to use it, invest some time into watching some videos about it - it's not overly complicated, but it requires you to rethink how to secure files and services in the Linux system.

http://selinuxproject.org/page/FAQ
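The answer's point is that SELinux confines each service to its own domain, so a compromised daemon on the router cannot reach files or ports outside what its policy allows. What that looks like in practice is AVC denial records in the audit log, and the one thing a firewall admin needs to watch is whether those denials were actually enforced (permissive=0) or merely logged (permissive=1). The following script is an added example, not part of the question or answer above: it parses constructed audit.log lines in the standard AVC record format, summarises which domain was stopped from doing what, and flags denials that were only logged because a domain or the whole system was in permissive mode. The sample log lines and the domains in them (httpd_t, dhcpd_t) are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample records in the format of /var/log/audit/audit.log (not from the page).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1364475353.808:49): avc:  denied  { read } for  pid=2789 comm="httpd" name="shadow" dev="dm-0" ino=1310 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1364475353.808:49): arch=c000003e syscall=2 success=no exit=-13
type=AVC msg=audit(1364475360.120:52): avc:  denied  { name_connect } for  pid=2789 comm="httpd" dest=3306 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:mysqld_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1364475365.001:57): avc:  denied  { write } for  pid=1201 comm="dhcpd" name="resolv.conf" dev="dm-0" ino=2201 scontext=system_u:system_r:dhcpd_t:s0 tcontext=system_u:object_r:net_conf_t:s0 tclass=file permissive=1
"""

# An AVC denial line: timestamp:serial, the denied permission set in braces, then key=value fields.
AVC_RE = re.compile(
    r"type=AVC msg=audit\((?P<ts>[\d.]+):(?P<serial>\d+)\): "
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)"
)
# key=value pairs; values are either double-quoted strings or bare tokens.
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc_denials(log_text):
    """Return one dict per AVC denial record; non-AVC records are skipped."""
    denials = []
    for line in log_text.splitlines():
        m = AVC_RE.match(line.strip())
        if not m:
            continue
        rec = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
        rec["ts"] = float(m.group("ts"))
        rec["serial"] = int(m.group("serial"))
        rec["perms"] = m.group("perms").split()
        # The type field is the third component of a context label, e.g. system_u:system_r:httpd_t:s0.
        rec["domain"] = rec["scontext"].split(":")[2]
        rec["target_type"] = rec["tcontext"].split(":")[2]
        # permissive=0 means the access was really blocked; 1 means it was only logged.
        rec["enforced"] = rec.get("permissive", "0") == "0"
        denials.append(rec)
    return denials


def summarize(denials):
    """Count denials by (source domain, permission, target type, object class)."""
    counts = Counter()
    for d in denials:
        for perm in d["perms"]:
            counts[(d["domain"], perm, d["target_type"], d["tclass"])] += 1
    return counts


def unenforced(denials):
    """Denials that SELinux logged but did not block (permissive domain or system)."""
    return [d for d in denials if not d["enforced"]]


if __name__ == "__main__":
    recs = parse_avc_denials(SAMPLE_AUDIT_LOG)
    for key, n in summarize(recs).items():
        domain, perm, target, tclass = key
        print(f"{domain} denied {perm} on {tclass}:{target} x{n}")
    for d in unenforced(recs):
        print(f"WARNING: serial {d['serial']} ({d['comm']}) was only logged, not blocked")
```

On a router the first two records are the interesting case: a confined service that tries to read the shadow file or open an outbound connection to a database port is stopped, and the record is the evidence. The third record is the caveat the answer hints at: in permissive mode SELinux still writes the denial but lets the access through, so a non-empty unenforced() list on a production firewall means the confinement is not actually doing its job.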