FIREWALL SECURITY TESTING
Firewalls have become much more intelligent than the stateful inspection once deployed. This is largely because Secure Socket Layer (SSL) and Internet Protocol Security (IPsec) VPNs are terminated on them. They also provide Simple Mail Transfer Protocol (SMTP) relay and the Hypertext Transfer Protocol (HTTP) proxying capabilities, together with comprehensive DLP filtering. However, with these new capabilities come increased risk, threat and potential exposure.
In order to find any vulnerabilities around your organisation’s firewalls, Nettitude is able to assess the rulebase, published services and in-built security daemons of any firewall, conducting comprehensive firewall protection and security testing. Our expert, highly experienced firewall testers will assess your organisation’s anti-spoofing rules, the network address translation rules, the security logic and the underlying networking fabric of your firewall security.
Looking For Firewall Security Testing Services?
How Do Nettitude Conduct a Firewall Test?
Firewall security testing assesses the firewall from the internet. Instead of purely focusing on devices that are published through the firewall, the assessment focuses on the firewall itself. If the device is delivering IPSEC or SSLVPN services, these resources are assessed. Similarly, TCP and UDP packets are sent to the firewall and devices behind the firewall with non-standard flags being set. Through the responses that are elicited from these requests, Nettitude is able to enumerate the rules and policies that exist within the firewalling logic.
Understanding Firewall Security
Most organisations have a perimeter firewall deployed between their internal systems and the Internet. This acts as the perimeter defence, filtering out unwanted inbound connections, as well as providing Virtual Private Network (VPN), Data Loss Prevention (DLP), Intrusion Prevention System (IPS) and content checking capabilities for the organisation.
Firewall Protection Security Audit Services
What To Expect?
In addition to carrying out firewall security testing services, Nettitude also undertakes comprehensive firewall protection security reviews. This involves auditing the rulebase against industry best practice. Nettitude utilises a series of tools and scripts to assess Checkpoint, Juniper, Cisco, Palo Alto and many other leading firewall providers.
As part of a firewall audit, Nettitude identifies weak protocols, insecure rules and additional data leakage that could permeate through the firewalling infrastructure. Nettitude’s team of consultants have exposure to building firewalls from scratch, as well as deploying technology from many of the leading firewall vendors. This gives us the unique perspective of both poacher and gamekeeper, and ensures that our assessments are some of the most rigorous within the industry.