Firewall Rule Review

 
 
Service Rule Review
Background
Firewall rulesets are easy to grow and impossible to prune without a systematic process backed up by tools. This service assists clients in reviewing their rulebase, and in establishing a process by which they can periodically review the rulebase for security, performance and consistency issues.
Service Description
  1. Onsite review of network topology, application environment, administrative capabilities, infrastructure.
  2. Firewall Health Check.
  3. Automated scan of rulebase for best practice violations.
  4. Offsite analysis.
  5. Onsite rule-by-rule review with client of rules not covered by automated scan.
  6. Definition of process by which rules can be safely removed without disrupting operations.
Deliverables
  • On-site configuration review.
  • Offsite rule review for adherence to best practices.
  • On-site rule-by-rule review.
  • On-site rule deletion process walkthrough.
  • Rule review final report.
  • Rule review process definition.
Estimated Hours
  • Per hour. Approximately 1 hour per 10 rules.
Scope
  • One rulebase
Not Included
  • On-site support is separate.
  • Ancillary products not included (URL filtering, application control, IPS, etc.)
Recommended Training
  • TCP/IP administration.
  • Note that this is not an audit where we provide an external opinion as to the compliance status of your firewall and of the security architecture in general. This is a consulting service where we assist clients in performing an initial review of their rules and in setting up a process by which they can replicate that review on a periodic basis.
  • Enterprise Firewall Management training.
Cost

$2 per 10 rules