Case Study: Industry Sector:
Configuration Review – Firewalls & Routers Media and Telecommunications
Firewalls aim to provide organisations with reliable security at the network perimeter; however each firewall must be properly configured in order to allow and disallow network traffic accordingly, in a manner sensitive to business needs. Poorly configured firewalls can be overwhelmingly damaging to the security of an organisation – lax ingress rules may provide multiple vectors to attackers on the Internet, while lax egress rules may provide avenues for unauthorised command and control connections from the Internet and exfiltration of intellectual property and confidential data. Other factors must also be considered as part of a firewall configuration review, i.e. The software/firmware versions need to be identified in order to correlate with any publicly known issues or exploits with the specific device and version The network services available on the firewall also demand investigation and review against documented business requirements, including the number of registered users on the firewall and the password policies governing access to the device. IRM’s firewall configuration review provides an unbiased assessment of an organisation’s firewall deployments and the traffic that is currently permitted and denied through the organisation’s networks. The firewall configuration is validated against best practices in order to identify any misconfiguration that could lead to unauthorised and undesired access.
Case #1 IRM was asked to perform a firewall configuration review against a number of key perimeter firewalls of a global media corporation. The corporation had extended rapidly over a short time across multiple sites, which had led to firewall configurations having in excess of 1000 rules. The client requested a full review to identify any extraneous rules that could be removed to improve the overall security posture of their firewalls and to...
Please join StudyMode to read the full document