Firewall Audit

“The idea that IT security starts and ends with the purchase of a pre-packaged firewall is simply misunderstood” – Art Wittmann

 

Your company’s firewall is a vital part of your IT security, and it’s important to make sure it also works as intended. It is useless to buy the biggest and safest firewall on the market, unless it is maintained and updated.

We recommend that you conduct at least one annual audit of its firewall. If your business often makes changes to your network and more people are authorized to make changes, audits may need to be done every six months or quarterly.

Before we begin the Firewall audit, there are some things we need to consider in relation to whether these items should be included or excluded. It is important that this delimitation takes place as otherwise inappropriate and, in the worst case, may break down on the network. The areas, we want to check before the audit, are:

  • Routers
  • Modem
  • Ports
  • Operating Systems
  • Web Applications
  • IDS
  • IIS / Apache
  • Databases

In our audit we use a framework from the SANS Institute. Below is a selection of the items we are looking at:

  • VPN tunnels
  • NAT Rules
  • Logging
  • SNMP Servers
  • Servers
  • Firewall Rules
  • User Accounts
  • Encryption Protocols

The complete method can be found here:

https://www.sans.org/media/score/checklists/FirewallChecklist.pdf

GlobalSequr specializes in the following manufacturers:

Cisco

SonicWALL

Check Point

Some of the most important thing about a Firewall audit is that it is properly documented. If the documentation is inadequate or completely absent, we will help to build the documentation so that the process of subsequent audits becomes easier, faster, and of higher quality.

With a Firewall audit from GlobalSequr, we ensure the value of the initial investment.