Why Secure the “Security Perimeter” of the Organisation?
Firewall is said to be the primary line of defense for an organization's network infrastructure. But this line of defense has its own set of weaknesses, that, if not addressed could cause havoc in the network environment. A few common weaknesses seen in the firewall are stated below, but are not confined to just these:
Misconfigured Firewall Ruleset:
The most common weakness we will ever see in a firewall. The Firewall Ruleset, if not configured in compliance to the industry-set standards, could pave a pathway for the unauthorized user to enter into the system.
There could be times when the firewall was not deployed properly in the first place. Or if deployed well, was deployed in the wrong place. It could also happen that the number of firewalls deployed is insufficient to provide the optimum level of protection. Such deployment errors could render the network vulnerable.
While keeping an eye on the firewall configuration and deployment, one might miss out on the necessity of an up-to-date software that is present on the perimeter. This ignorance would mean welcoming the hackers to compromise the firewall and network.
One may be using a variety of services within their system, some of them being affected with known vulnerabilities. These could bring the vulnerabilities along, thus infecting the systems and affecting the complete network. The packets exchanged, protocols along with these services too could also become a weakness for the system.
Firewall Configuration Review Strategy
The SecureLayer7 Firewall Configuration Review service follows a very strong methodology which performs a deep analysis of the firewall configuration. The review process takes into account the following:
Check for availability of vulnerability or bugs in the current hardware and software release.
- A complete review of all the hardware devices associated.
- Review of accounts set up on the firewall and the operating system.
- Check for possible hardware or software malfunction in the firewall and OS logs.
- Review the comments for all the rules in the ruleset for proper justification.
- Check for vulnerabilities in the encryption and hashing process.
- Verify if the rules provide the least possible privileges.
- Review the vendors licensing
- Review the firewall for the enabled services.
- Review overall firewall configuration and rule sets deployed on the firewall.
- Recommendations related to improvement in security provided by the firewall and in the overall device configuration.
Why SecureLayer7 Firewall Configuration Review?
The Firewall Configuration Review at SecureLayer7 takes an insider view at the system with full access to the system’s configuration with the aim of providing the optimum review result thus attaining maximum security at the perimeter itself. SecureLayer7 deeply analyses the firewall’s entire configuration as per industry best practices, including guidelines from PCI-DSS and Center for Internet Security and ensures compliance of the same.
SecureLayer7 believes in holistic security and hence gives equal importance to the technical, business and device aspect of the firewall line of defence. At the end of the review process, a comprehensive report is provided that includes every minute detail about the loopholes in the firewall environment, along with remediation steps for the findings, and a detailed configuration review of the firewall ruleset covering line-by-line assessment result.