Firewall Reviews

Firewalls are first line of defense for organisations against unwanted elements of the internet. Reviewing of firewall logs, firewall rules and configuration is imperative to ensure that the system is protect the organisation

Firewall review methodology

Gather Key Information
An audit has little chance of success without visibility into the network, including software, hardware, policies and risks. It is therefore key that information be gathered during this phase, examples of key information are copies of relevant security policies, current network diagram, Identify all Internet Service Providers (ISP) and Virtual Private Networks (VPN) and Identify whether methods other than the Firewall are used to provide access to the Internet
Change Management Process
During this phase the team will assess documentation that define the roles and responsibilities of firewall administration including the testing of firewall configuration if the document exist.
Firewall configuration
Evaluate the current firewall topology and assess the current hardware and software configuration of the firewall
Assess current rules
Identify any and all potentially “risky” rules, based on industry standards and best practices, and prioritise them by severity. Risky rules can be different for each organisation and the level of acceptable risk, but there are many frameworks and standards you can leverage that provide a good reference point.
Report the current status of the firewall as well as remediation actions that can be taken to improve the security posture of the firewall.