WHAT IS A FIREWALL CONFIGURATION REVIEW?
A Build Review is a security assessment designed to test the devices your staff use to carry out their workload on a day-to-day basis. This may be an assessment of a workstation, server or other device.
The assessment is designed to identify any weaknesses in the specific configuration of a device, or vulnerabilities which may be present and exploitaible by unauthenticated or authenticated users.
WHY CONDUCT A FIREWALL CONFIGURATION REVIEW?
A firewall configuration is rarely static and over time as more services are required by the business coupled with changes to both the infrastructure and staff, the configuration can become overly complex often with redundant or unneeded rules still in place.
With this in mind, it is imperative to regularly check the configuration of such devices to ensure you are getting the maximum protection from your device.
During a Firewall Review we examine the configuration and operating system to determine if a secure setup has been established and to ensure there are no identifiable weaknesses. The assessment is designed to pinpoint and rectify any holes within the build and covers patching levels, accessible services, weak credentials, logging and auditing as well as a rule set analysis review.
For a rule set review, the live configuration, for either externally facing or internally placed firewalls is used to perform a detailed rule by rule study to determine if there are any overly permissive or weak rules that might be negatively impacting your security posture.
As part of our approach, our Penetration Testers use a combination of the most effective automated tools and manual exploitation techniques to identify vulnerabilities across your devices. Our extensive reports provide a thorough assessment of each vulnerability and provide business context alongside each finding.
This is supplemented by technical and non-technical descriptions including evidence of exploitation to assist in prompt remediation activities and provide a thorough understanding of each issue.
- Receive assurance around the secure access configuration of your organisations extrernal or internal network.
- Make ongoing improvements to a Firewall via specialist support, advice and consultancy.
- Adhere to regulatory bodies who require a Firewall Configuration Review to be performed.
- Gain access to a dedicated team of specialist CREST Registered penetration testers who use the latest tools and techniques to accurately assess and identify emerging threats