Firewall Auditing
The firewall is typically the centre of network security. Firewalls are in need of continuous maintenance to supply the best security for your business, yet it’s all too common for firewall rules and security settings to become static over time.
This is precisely why we recommend regular firewall audits. Autodata’s Firewall Audit provides an in-depth review of your configuration against best-practice standards, quickly and without the need to be connected to an online firewall.
Why perform a Firewall Audit?
Firewall audits increase your chances of catching any weaknesses in your network security posture and finding where your policies need to be adapted. They also prove that you have been doing all your due diligence in reviewing your security and policy controls* should you ever need to respond to a breach or issue that brings your security standards into question.
Autodata’s technical consultants conduct a review of your current firewall configuration and rulesets: identifying, verifying and prioritising weaknesses against best practice and providing remediation steps to be taken for any highlighted risks.
Service Overview
No network connection is needed, the firewall audit is a non-intrusive process that doesn’t require any set-up and can be used in locked-down environments:
- Security Audit: looking for firewall weaknesses and vulnerabilities e.g. use of insecure technologies such as weak encryption protocols, easily cracked passwords (if stored in plaintext) and vulnerable network protocols
- Vulnerability Audit: identifying known vulnerabilities on your firewall operating system and providing risk-based remediation advice
- CIS Benchmark Audit: checking the firewall configuration against CIS benchmarks (consensus-based configurations contributed to by security professionals around from around the world)
Reporting
Our Firewall Audit Report can be generated using a copy of the firewall configuration and the public IP addresses of the firewall. This report will be exchanged via a secure encrypted file to ensure maximum security.
Autodata can also produce a more in-depth report by linking the audit to your network topology and providing a more detailed insight into your firewall configuration.
Following report-generation, our technical team will take you through the report’s content and any necessary remediation steps.
* Security Industry Compliance Controls:
Center for Internet Security (CIS)
Payment Card Industry (PCI)
Security Technical Implementation Guide (STIG)
Sans Institute (SANS)
Autodata can produce reports quickly, containing detailed technical and executive reporting for your organisation and providing remediation and mitigation advice.
Get in touch today to arrange a scoping call for your next Firewall Audit.