Firewall Config. Assessment Audit

firewall configuration audit services

Overview

With a rapid increase in the usage of mobile equipments, multiple security problems are introduced too. Unfortunately the attacks are no longer limited just to the web services, but can also happen for mobile device's operating system and the application stack running on it.

Web Attacks / Total Attacks
IP Attacks / Total Attacks
Internal Attacks / Total Attacks
External Attacks / Total Attacks

In cyber security world, it is a myth that installing firewall makes you secure. Well, it is true to some extent but only when the firewalls are properly configured. In most cases, it has been found that firewalls are running with default configurations which make it highly susceptible to the vulnerabilities and attacks. Firewall configuration audit service is comprised of the following steps:

  • Understand company's business and security risk
  • Study LAN and WAN network and various application dependencies
  • Download firewall configuration file.
  • Based on the security risk requirement, assess and fix problems and reconfigure
  • Perform detailed vulnerability analysis to ensure that new rules dont expose any further problems
  • Do above for industry standard requirements such as ISO, PCI-DSS, HIPAA etc.

What you get?

You get a detailed analysis report that shows the previous set of problems and the updates which fix it. It also provides you with a certifying letter that the firewall configuration is compliant with the standards. The report also contains an overview of the task and a set of recommendations to be followed by the customer.

Firewall Rule Audit Checklist


-- Check for availability of vulnerability or bugs in the current hardware and software release
-- A complete review of all the hardware devices associated
-- Review of accounts set up on the firewall and the operating system
-- Check for possible hardware or software malfunction in the firewall and OS logs
-- Review the comments for all the rules in the ruleset for proper justification
-- Check for vulnerabilities in the encryption and hashing process
-- Verify if the rules provide the least possible privileges
-- Review the vendors licensing
-- Review the firewall for the enabled services
-- Review overall firewall configuration and rule sets deployed on the firewall
-- Recommendations related to improvement in security provided by the firewall and in the overall device configuration


Security Management :

Features

Process

Benefit

FAQ

Related links

A typical website penetration testing service comprises of simulation of real life hacking methodologies. It encompasees various security attack vectors and exploitation of potential vulnerabilities.

Read More

Our Culture

Valency Networks is a very agile, friendly and fun loving atmosphere and yet we maintain a cutting edge technical vibrant work environment.