Tel: +44 (0)1525 850 440
FIREWALL HEALTH CHECK & AUDIT
Why do I need a firewall health check and audit?
Firewall rules have changed over time and may no longer adhere to best practice and be leaving the organisation vulnerable. Often organisations are unaware what their firewall is actually doing? In some cases organisations lack understanding of the traffic traversing their firewall and the protocols and applications that make up that traffic? Also, firewall services availability, resilience and risk assessments are often un-investigated. More-over, the firewall may have additional features available which could improve security or the performance of the firewall? Or, it could be the organisation has changed, and the firewall is no longer meeting the needs of the business? So - why not mitigate risk and increase peace of mind with expert validation of your firewall performance?
When shall I have a firewall health check and audit?
We recommend a firewall health check/audit on an infrequent but regular basis, e.g. once per year, depending on how often the firewall rules change or changes are made within the organisation.
Who will perform the firewall health check and audit?
A certified security consultant with extensive experience.
Where is the work performed?
The entire exercise can be done remotely using remote meeting capabilities or on site according to the customer’s preference.
Typically, the first half of any health check and audit will be done on site, and the second half of the health check will be completed remotely.
How long will it take typically?
Typically a complete health check and audit will take 2 days per firewall or firewall HA cluster (based on up to 200 rules per firewall).
The first day is for gathering intelligence and analysis of the firewall with the second day being used to complete the comprehensive report.
What will be assessed?
We will take a holistic view of your firewalling services. The basis of our approach is as follows:
Firstly, we will review the firewall platform: Software revision, CPU / Memory utilisation, Admin accounts, Certificates, UTM features (Anti-Virus/Intrusion Prevention/Application Control/Web Filtering/Botnet Protection), Interfaces, VLANs, High Availability review (failover test optional), SSL VPN, IPSec, Static routing, Equal Cost Multi Path routing, Policy based routing, Logging and logs, Alerting and alerts, Network integration and positioning.
Second we will review firewall policies. The related features that are used in the policy would also be reviewed such as: Security profiles, Objects
Source NAT, Destination NAT, SSL inspection, Traffic shapers.
Finally, we would complete and submit a comprehensive report that includes: Executive Summary, Documentation of the environment, Detailed findings, Recommendations.
Contact Us for more details!