Assessments on the validity of Access Control List

We will remotely research the access control list according to your network configuration chart and firewall policy, etc. We will then generate an artificial traffic and run the assessment.

 

Firewalls are significant as a security boundary. However, it is ineffective if you do not take measures on the vulnerability within firewalls and will not be able to protect your valuable information assets from unauthorized accesses.

For a secure firewall operation, it is essential to set an appropriate policy to learn which connection to allow and which to deny. Tuning your firewall according to your network environment and goals is vital.

At Belue Creative, we inspect your best practice configuration as well as your firewall policy according to security standards such as the Center for Internet Security Benchmark (CIS), NIST, and SANS.

 

Details

  • Filtering configuration investigation
    Whether your internal network is appropriately protected, or if it is restricted from accessing external network
  • Inspection on the connection to your firewall itself
    Whether the firewall is appropriately protected

 

Features

Detecting vulnerabilities allows you to take appropriate security measures, and you can reduce the risk of unauthorized access to the network and the firewall itself.
 

Primary inspection subjects

Access Restriction Reviews

  • Firewall policy compliance status
  • Unnecessary of unidentified access restrictions
  • Access restrictions that could become a security hole
  • *We inspect in accordance with security standards such as ANS, CIS, NIST, and IPA

 

Other inspections

  • Determine patch and version update status of applications and OS
  • Determine whether the latest patch and software is applied on OS, application, or
    firmware

 

Inspection on firewall configuration

  • Operation management method
  • NAT configuration
  • Log configuration
  • Rooting
  • VPN configuration, etc.

We will implement the assessment after consulting details such as inspection range,
contents, and methods, with the client.

 

Our Approach