The purpose of a firewall is to prevent unauthorized traffic from reaching a network. Thus, it is very important to regularly review the security of your firewalls. Complior can provide Firewall Ruleset Audits, to ensure a high level of firewall security, and help your company stay compliant with PCI DSS.
WHAT DOES A FIREWALL AUDIT INCLUDE?
A Firewall Ruleset Audit is an assessment over how secure a network actually is. A security specialist reviews the firewall configuration and rules to determine if they meet compliance requirements.
Firewall audits are a requirement in many of the security standards today, like ISO 27001, PCI DSS and HIPAA. However, if we look beyond compliance requirements, regular reviews of firewall security are best practice.
To fulfil the requirements of PCI DSS, a firewall security review should be conducted at least every six months, or whenever a company has made major changes to their firewall configuration or firewall rules.
During a Firewall Ruleset Audit, our qualified security professionals will, among other things, review the following:
- Deep analysis of the source and destination
- Deep analysis of protocols
- User analysis
- Duplication or “ANY rules”
- Order of the rules
- Correct Deny All request not specified
LET EXPERTS REVIEW YOUR FIREWALL RULES
Complior has access to experienced PCI QSAs who can assess your compliance with the requirements in PCI DSS, and conduct Firewall Ruleset Audits.