Over 10 years we help companies reach their financial and branding goals. SIGGAP is a values-driven technology agency dedicated.

Gallery

Contacts

PT Siggap Teknologi Internasional Perkantoran Permata Regency Blok.D/37 Kembangan, Jakarta Barat 11630, Indonesia

siggap@siggap.id

+62 21 58905002

Twitter Facebook-f Pinterest-p Instagram

Firewall Review and Test

// OFFENSIVE SECURITY

Firewall Review & Test

Firewall audits receive a lot of attention nowadays due to standards such as PCI DSS, ISO 27001 and SOX and HIPAA for US companies. Even if you are not required to meet these standards at the present time, you may be required to show that your network is secure for business relationships with certain partners and customers.

It’s not enough for your organization to establish these rules for your network regarding inbound and outbound traffic. Why? As time goes on, rules become deprecated and protocols become insecure. Many security frameworks, including PCI DSS, require that your organization has a process to review firewall and router configurations to ensure that they are still secure. This process could be manual or using automated, but there must be a process.

What is Firewall Security Review?

Firewall Security Review is an audit that checks for vulnerabilities, firewall software configuration, and Security Policy.

It can improve your ability to locate weaknesses in your network security posture and allow you to find where your policies need to be changed. In addition, they can assist you in demonstrating due diligence in reviewing your network security and policies in the event of a lawsuit or other issue which may question your security standards.

Rule review includes the checks, but not limited to;
  • How many rules are there compared to last audit/year?
  • Are there any rules without comments?
  • Are there any rules that are redundant and should be removed?
  • Are any rules unused?
  • Are any services within the rules no longer used?
  • Are there any unused groups or networks in the rules?
  • Are there any firewall rules with ANY in the source, destination and service/protocol fields with a permissive action?
  • Are there any rules with a permissive action and ANY in two fields?
  • Are there any rules with a permissive action and ANY in one field?
  • Are there any overly permissive rules, for example, rules with more than 1000 IP addresses allowed in the source or destination?

Looking for a professional for your Firewall Rule Review audit? Reach us out, we have best qualified professionals to conduct the Audit.