Firewall Assessment

SecureState reviews overall firewall configuration files to determine any exposures or improper configurations.

Firewalls serve as one of the first lines of defense protecting an organization's network infrastructure from an external attacker. If this defense is weak, an organization could face considerable risk of being compromised. During a Firewall Assessment, SecureState performs a line-by-line analysis of the firewall's configuration against industry best practices drawn from the Center for Internet Security, PCI-DSS, NIST, the DoD, and vendor-specific guidelines.


Even the best security program can quickly become irrelevant as new exploits are released and new attack techniques are developed. When an organization needs to maintain a state of security and compliance, an expert third party may be needed to manage the process effectively. A Firewall Assessment provides:

  • A simple mechanism to significantly strengthen your organization’s perimeter security and network segmentation
  • A verification that network segmentation meets best practices and supports your business needs


SecureState consultants have years of expertise translating customer data and feedback to improve network infrastructures, systems, security domains, and processes in alignment with business objectives. We have assisted organizations in a variety of industries, providing us with knowledge of how different sectors secure their data. Our expertise ranges from redesigning a branch office network topology to meeting PCI requirements on an organization-wide basis.

Approach and Methodology

During our review, SecureState will:

Firewall Documentation and Process:

  • Review the security access control model that denies access by default, such that explicit access permissions must be specified.
  • Review ruleset comments to ensure each provides business justification for the defined rules.
  • Review the configuration file for the identification and protection of all network segments.
  • Validate that the open ports and services implemented are required for operations.
  • Review the security monitoring process and its ability to detect and alert on attempted or successful unauthorized access where technically feasible.
  • Review the overall configuration of the firewall to ensure that best practices are fulfilled and the stance of the device is secure.

Control Plane Baselines:

  • Review the processes for monitoring and logging that have been implemented on the firewall.
  • Ensure that encryption and hashing operations, as well as the firmware in use, do not have unnecessary vulnerabilities.
  • Ensure that interactions with other devices meet best practices and offer only secured conversations.

Data Plane Baseline:

  • Review all ingress/egress points within the network.
  • Verify rules have been implemented in accordance with the principle of least privilege.
  • Verify the use of inspection rules to handle ephemeral ports, and to guard against common attack vectors.

Management Plane Baselines:

  • Ensure default accounts, passwords, and network management authentication strings have been changed and meet complexity standards.
  • Ensure the organization limits the use of clear text protocols such as Telnet, SNMP v1/v2 and FTP.
  • Ensure that banners, access controls, and appropriate use policies are defined and implemented.
  • Verify that security best practices and hardening techniques have been followed.
  • Ensure administrative access is limited to as few endpoints as possible.
  • Review controls for default accounts, passwords, and network management community strings.

