Any organisation’s firewall is typically the first line of defence from external threats, but most are installed on a ‘set and forget’ basis. Business needs change over time and configuration such as firewall rules, objects and user accounts are all added on the go.
The result of this is rules falling out of date and out of compliance, the firewall becomes more difficult to manage and troubleshoot, and performance can also be affected. Fundamentally, the firewall becomes much less secure. A Firewall Security Review should therefore be an important part of your security vulnerability management activities.
The deliverable of this service is a written report document containing all findings and associated recommendations. The contents of this report includes but is not limited to the sections mentioned below
At the outset of the engagement, our consultant will gather information to learn more about your organisation. This includes your size, geographic locations, nature of your business, your IT infrastructure and your working practices. This enables us to tailor our recommendations to your business as appropriate.
The review is undertaken using a combination of manual techniques and using non-intrusive tools to help assess your firewall configuration.
Our Firewall Security Review is an in-depth assessment of the security and performance of your stateful firewall or next-generation firewall. We review system performance metrics, management plane configuration and the security of the running rule set and compare these with industry best practice and vendor hardening guides. The customer is provided with a written report covering the findings and recommendations in order of priority.