Reach out to us for a no obligation free security assessment now

24×7 Support  + 61 (03) 9070 3487

Firewall Configuration Reviews

CyberSecOn recognizes the importance of firewall audits which are a top priority of most organizations due to standards such as PCI-DSS, ISO 27001 and SOX. Firewall audits are required not only to meet the standards, but also to show that your network is secure for business relationships.

Our Firewall Audit checks for

Change Process Audit

This audit reviews the change process which includes change documentation, standard backup and recovery procedures in place, approval mechanism. Compare the process defined with the actual change practise and document the gaps. Some questions asked during this audit include

Rule Base Audit

Based on the technology used and placement of the firewall with in the company the audit varies, For example, firewalls that are connected to the internet are generally much more at risk than those that are not, and internal firewalls are often more permissive than external ones. This audit goes in to details of below questions

Risk and Compliance Audit

This audit checks for certain compliance issues based on clients security policy and risk appetite.
Some questions asked in the audit are below

Are any rules in violation of the company’s security policy?

Are there any rules that allow inbound risky services from the internet, such as those that pass login credentials in the clear like telnet, ftp, pop, imap, http, netbios, etc?

Are there any rules that allow outbound risky services from the internet?

Do any rules allow traffic from the Internet to networks, sensitive servers, devices or databases?

Do any rules allow direct traffic from the Internet to access the internal network (not the DMZ)?

“ Technologies we support – snapshot”