Marathon’s Firewall Security Testing Service is designed to ensure that Firewalls have been installed and configured in a best practise way and appropriate port security is in place. The service is also designed to minimise the risk of intrusion attempts or unauthorised access to internal IT systems.
The service is an important part of ‘Firewall Lifecycle management’ and is used to ratify security from the initial installation and throughout the lifetime of the device. The scope of the service is to conduct regular network perimeter device exploration and security audits.
The information gathered by the service includes:
- Which Firewall ports are open and why
- A ports table (lists the port number and protocol, service name, and state)
- Software version details (for vulnerability management)
- Supported IP protocols
- Reverse DNS names
- Device types
- MAC addresses
- Script Scanning
What are the benefits?
- Minimise the risks associated with new technology implementation
- Have confidence that your IT security perimeter devices are regularly analysed for potential weaknesses
- The service is unobtrusive and stealthy to ensure that business impact is kept to a minimum
- The service can be delivered as a monthly or quarterly Firewall Health Check service with reports delivered by email
- Reports highlight any changes that have been made or risks that have been introduced by those changes since the last Health Check service
- Firewall configuration and installation
- Hardware maintenance
- Remedial action following the Firewall test
- Penetration Testing
- Vulnerability Scanning
- Internal NAT translation and analysis
- High Availability testing for dual devices etc.