Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 826
  • Last Modified:

Firewal Audit

Can anyone tell me what would be involved in a firewall audit? i.e. what kinds of things would be reviewed and reported on? And also why would someone use " a pair" of firewalls on the perimter, which are cisco asa 5510, why do you need 2 , please keep replies management terms as opposed to firewall technie where poss...
0
pma111
Asked:
pma111
1 Solution
 
MikeKaneCommented:
A firewall audit can be many things.  

The usual setup is this:  

An Administrator handles the firewall and applies code.  
A Security Admin Reviews changes to the firewall and all changes must be accounted for.  
Changes to the firewall by an admin must be reviewed and approved by the sec admin.  
Sec admin will review a daily (or weekly or whatever) change log for the unit.   Sec admin is looking for unauthorized changes to the code.  


Or:
Firewalls are audited to look for best practices and to ensure common baseline security measures are met.   This may be done by an in house tech auditor or by and external company or (if you are in those sectors) by a federal agency.     Typical stuff to look for:
disabling insecure protocols (telnet, http)
locked down ips/ports.   Checking to make sure you aren't allowing all ip for example.
looking to justify the open ports into the network (i.e. does Server A really need ssh to it from outside)





Dual external firewalls are used as a 2nd layer of security.   Sometimes the 2 firewalls are managed by 2 different teams to protect against "an agent on the inside".     Financial institutions are usually required to run like this.   Often, the 2 units are from 2 different vendors as well.    Its all about that extra layer of protection.   Say you have a sonicwall on the front and an ASA in the back.    Even *IF* the sonic wall could be breached, BAM, you run into the ASA.  That gives the it team time to remediate the breach.    (Sony should have paid attention).
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now