What is Included in a Firewall Assessment?
Our firewall assessment service makes sure that your firewall is arranged correctly – It is a review of your current situation. ConnectDS assesses if any unnecessary rules have been set up that could expose your company’s private data. It also works out the current ruleset, to identify if rules are superseded, obsolete or may be a risk to your security. An example of these rulesets is the lack of a DENY ALL firewall rule or policy rule, or the dreaded “ALLOW ALL”!
ConnectDS’s firewall assessment service includes an evaluation of your firewall’s features and their uses so that we can identify any areas that can be more optimised. We will check whether any of these features are providing any limits to your capability and work to make these perform better.
At ConnectDS, we go the extra mile for all our clients. To make this happen, our firewall assessment moves further to technically examine the effectiveness of not only the inbound communications, but also the Egress (outbound) Traffic. We understand that the majority of modern advanced threats that occur are targeted at users, so it is important that we review the level of perimeter control to the internet from within the network. This review allows us to appreciate the risks that can take place as well as ensuring effective configuration across your company.
We make sure that your configuration aligns with best practice and to ensure the effectiveness of your firewall. ConnectDS performs all testing from a sensor within your local network; we perform a technical assessment of what is possible outbound as well as inbound, including actions such as:
- Testing ingress and egress port and application access
- Data Exfiltration to an external server and unapproved cloud file hosting services
- Ingress reconnaissance and probing
- Access to traffic anonymisation tools such as TOR (The Onion Router), unauthorised VPNs and Proxies
- URL filtering, and access to undesirable sites such as pornography, gambling, and chat/IM
- Ability to access online services for streaming and downloads of pirated material
- Downloading of malicious files and viruses
- Back door connectivity using tools including reverse port forwarding and reverse shells
- Peer-to-Peer file sharing, to find activity such as BitTorrent that can be used for illegal activity
- Communication through insecure protocols, including FTP, Telnet, IMAP and POP
- Firewall base security, patch validation and version updates of threat security for threat detection modules.