Firewall Configuration Review

Firewall Configuration Review

Firewalls form the boundary between your network and the internet. Attackers scan the entire internet for vulnerable machines daily, therefore, vulnerabilities and misconfigurations here have the potential to be exploited quickly.

Our firewall security review aims to identify how much risk your firewalls expose you to.
We will manually review the firewall rules and configuration, plus perform an external port scan to verify the services exposed to the internet.

Our checks include:

  1. Check the version and patch level of the firmware
  2. An assessment of the firewall rules against best practices. For example:
    1. Services exposed to the internet
    2. Overly broad firewall rules
    3. Clear-text or risky services
    4. Unused or redundant rules
    5. VPN Configuration
  3. An assessment of the device configuration against best practices
  4. Check for any unused services
  5. Check for the presence of web filtering – either via proxy, DNS filtering or use of an external DNS filtering service

 

Before we start any testing, we’ll agree on a formal testing Scope document with you. In this, we’ll agree on the firewalls that are in scope and discuss the firewall’s role in the organisation to understand best the security functions it should perform. In order to perform our tests, we’ll need you to provide access to the firewall administration console.

Once our testing is complete, we’ll provide you with a report with detailed findings, their impact and how to fix them. We can also provide consultancy to help fix these if that is useful to you.