Your firewall doesn't manage itself!
Firewalls require continuous maintenance to provide optimal security for your business. Netsecurity therefore recommends regular firewall audits.
Unfortunately, it is not unusual for a recently installed firewall to be static with regards to rules and security settings. You may think you are protected but in fact you have no or limited protection.
Netsecurity firewall audit guarantee your firewall is up to date, configured and tuned to your requirements for optimal security and performance.
Audit of security settings
Optimum security requires your firewall to be properly configured, updated and customised to protect against ever changing threats.
- Block rule check and update for unwanted applications and application groups.
- Mapping unknown applications (unknown-tcp and unknown-udp) and blocking them. Create "custom-app" out of custom applications perceived as unknown by the firewall.
-
Check vulnerability and malware blocking settings, as well as adjust the threshold values for the desired level (severity: medium, high, critical). zero-day malware protection check.
-
Check protection against ransomware threats using Geo-IP blocking, URL filtering and malware setup.
-
Check for blocking, possibly decrypting unknown URL SSL traffic categories.
- Check URLs for adult, malware, hacking, phishing and questionable categories
- Check email alert delivery for critical events
Firewall rules audit
The composition of firewall rules is very important. An incorrect rule could create major security holes for your business. A common issue Netsecurity covers is when new rules are introduced, usually with new security features, old rules often remain untouched. A large and complex set of rules can give security challenges to many businesses.
- Check that each rule has the correct security profile relative to malware, URL filter, Zero-Day, etc..
- Duplicate rules check
- Control of the order rules, as well as check of unused rules
- Consider merger of rules, possibly breakdown of existing rules
- Check and verification for «application dependencies»
- Check of NAT rules both inbound and outbound
- Check of QoS rules, possibly need for QoS
- Check by SSL decryption rules
- Checking log settings for each rule. Less logging or more logging?
Documentation
Firewall revision is based on the customer being involved in the audit providing information and documentation regarding the existing environment and layout. Firewall revision ends with a report describing findings, changes and a copy of Firewall configuration.
UNDER ATTACK?
The Netsecurity Incident Response Team gives you the expertise and help you need to quickly establish normal business operations at a security event.