Select Page

 Firewall Security Testing

Firewalls have become much more intelligent than the stateful inspection once deployed. This is largely because Secure Socket Layer (SSL) and Internet Protocol Security (IPsec) VPNs are terminated on them. They also provide Simple Mail Transfer Protocol (SMTP) relay and the Hypertext Transfer Protocol (HTTP) proxying capabilities, together with comprehensive DLP filtering. However, with these new capabilities come increased risk, threat and potential exposure.

In order to find any vulnerabilities around your organization’s firewalls, LRQA Nettitude is able to assess the rulebase, published services and in-built security daemons of any firewall, conducting comprehensive firewall protection and security testing. Our expert, highly experienced firewall testers will assess your organization’s anti-spoofing rules, the network address translation rules, the security logic and the underlying networking fabric of your firewall security.

CREST - STAR Threat Intelligence
PCi Security Standards Council - Approved Scanning Vendor
CREST Threat Intelligence
PCi Security Standards Council - Approved Scanning Vendor

Looking for Firewall Security Testing Services?

How do LRQA Nettitude Conduct a Firewall Test?

Firewall security testing assesses the firewall from the internet. Instead of purely focusing on devices that are published through the firewall, the assessment focuses on the firewall itself. If the device is delivering IPSEC or SSLVPN services, these resources are assessed. Similarly, TCP and UDP packets are sent to the firewall and devices behind the firewall with non-standard flags being set. Through the responses that are elicited from these requests, LRQA Nettitude is able to enumerate the rules and policies that exist within the firewalling logic.

Understanding Firewall Security

Most organisations have a perimeter firewall deployed between their internal systems and the Internet. This acts as the perimeter defence, filtering out unwanted inbound connections, as well as providing Virtual Private Network (VPN), Data Loss Prevention (DLP), Intrusion Prevention System (IPS) and content checking capabilities for the organisation.

Firewall Protection Security Audit Services

What To Expect?

In addition to carrying out firewall security testing services, LRQA Nettitude also undertakes comprehensive firewall protection security reviews. This involves auditing the rulebase against industry best practice. LRQA Nettitude utilises a series of tools and scripts to assess Checkpoint, Juniper, Cisco, Palo Alto and many other leading firewall providers.

Extended Services

As part of a firewall audit, LRQA Nettitude identifies weak protocols, insecure rules and additional data leakage that could permeate through the firewalling infrastructure. LRQA Nettitude’s team of consultants have exposure to building firewalls from scratch, as well as deploying technology from many of the leading firewall vendors. This gives us the unique perspective of both poacher and gamekeeper, and ensures that our assessments are some of the most rigorous within the industry.

Protect your Organization with LRQA Nettitude’s Award-Winning Cybersecurity Services

Speak to one of our cybersecurity experts now…