English Japanese
Belue Creative, Information Security Services, Information security management

Diagnose ACL validity of firewall.

We refer to your network configuration diagram, firewall policy, etc. and review the ACL on the desk, and generate pseudo traffic and do testing.

The firewall is important as the security of the border area of the network.​
However, your information assets and systems may not be protected by a firewall. It means you are not protected from the attacks that can be defended by default due to firewall vulnerability, incomplete ACL, or misconfiguration.​​

We inspect the setting of best practice with reference to security standard such as Center for Internet Security Benchmark (CIS), National Institute of Standards and Technology (NIST), SANS etc., and compliance status of customer’s firewall policy.

Following is the image of Firewall security diagnosis.

Firewall security diagnosis

Following are the examples of inspection items.

Access control list review

  • Compliance status of firewall policy
  • Unnecessary, unknown access control
  • Access control that can be a security hole
  • Refer to security standards such as SANS, CIS, NIST, IPA​

Following are other inspection item examples.​

Confirm update status of OS, application patch and version

  • Does OS, application, or firmware have the latest patches and software applied?
Firewall configuration check​

  • Operation management method
  • Configuring NAT
  • Log settings
  • Routing
  • VPN setting etc.

The details of diagnosis (scope, contents, method, etc.) will be carried out after consultation with customers.​

Following shows the flow of services.

Firewall security diagnosis