Admin Access  

---

 
Don't forget our security policy.  Management stated that any access from the Internet to the internal network had to be encrypted.  However, the admins need remote access for those emergencies.  For this, we will allow only specific IPs ssh access to specific systems in our internal network. Notice the placement of this rule, specific rules first, general rules last. A form of single sign-on authentication is being used on the hosts, as per the security policy.