FireSecure
“Firewalls and other security solutions are in place and we are protected” is one of the biggest Cyber-Myths.
Research from Gartner suggests that, by 2020, 99% of firewall breaches will be caused by simple firewall misconfigurations, not flaws. Not just misconfiguration which leads to major security problems, unpatched or poorly maintained security products are also a major threat to the organization.
Even though organizations are investing thousands of pounds in the best-of-breed security products like Next-Gen Firewall’s, UTM, Web and Email Gateways, by not managing and configuring them correctly, the likelihood of a successful cyber-attack increase exponentially.
Firewalls have become the victim of their own success. They are the first line of defense for any business network, examining an endless stream of network traffic against a set of established policies. Over the time, firewall complexity increases with the exponential growth of applications in a network. In a typical organization today, a single firewall may be configured with hundreds of objects and rules to define web & application access policies, network access and protection policies, allowed services, routing rules, and more.
Maintaining good firewall configurations is a difficult challenge for even the most experienced network administrator. Even a single firewall misconfiguration can result in a devastating impact on the organization, network availability, or regulatory compliance issue. With the increasing firewall rule base, it is difficult for any IT team to examine firewalls effectively and manage firewalls to ensure that the organization network is protected and in compliance.
Right tools for the job!
While the security products are vital to secure the network and data but these are merely a tool. Most SME’s do not have the right skill set to ensure that the product implemented is configured and setup to the best of the products abilities and industry practices.
We have designed a unique consultancy service offering called “FireSecure” to ensure that Next-Gen Firewall / UTM devices are Audited, Reported and Secured by our highly skilled network security experts. FireSecure offers comprehensive auditing, detailed reporting, and consultancy-led remediation services.
Audit
Highly skilled Network Security Experts have designed comprehensive auditing process to ensure that security device maintains good security posture and is fully compliant with industries best practices.
Below is the highlights of device auditing process:
Comprehensive Firewall Auditing
Compare configurations to industry best practices
Identify policy violations that can lead to security breaches
Review security configuration
- Device Access Policies
- Password Management
- Firewall Rules
- Content Filters
- Ant-Malware / Anti-Spam Policies
- Intrusion Prevention Rules
- Anti-Spoofing Protection
- Web Application Firewall (WAF)
- Logging and Reporting
Identify unused rules or redundant firewall policies to simplify security configuration
Identify gaps in compliance
Report
On successful completion of the auditing process, SOC team prepare detail report with key findings, the security posture of the device and remediation recommendation.
Audit report would contain following key elements:
Executive Summary
Compliance Highlights- Network’s Security Posture
Comprehensive information for all non-compliance configuration objects
- Description
- Severity
- Reference information such as Policy Name or Rule-ID
- Remediation to stay compliant
Remediation!
Remediation is the most critical phase of the FireSecure product as it determines what action to take in response to audit findings.
We offer consultancy-led remediation with below features.
Understand, discuss and prioritize configuration changes:
Our team will help customer to understand impact of each suggested configuration changes and prioritize them as per compliance requirements
Develop an Implementation Schedule:
- We strictly follow ITSM based change management process to ensure:
- Security Performance
- Minimal downtime
- Proper rollback strategy
- Authorization
- All changes would be implemented on predefined schedule to avoid any impact on the network
