Firewall testing might imply the action of powering the firewall on, verifying that it boots as expected and that all connections have activity and are the to the correct network interfaces. Think about what a firewall does, though, and you will see that more than a successful power up needs to be verified during the firewall testing process. A firewall has a sometimes complex rule set depending on the application of the device. A home router has a firewall service that blocks a standard list of ports and has a pretty simple arrangement out of the box. A corporate firewall at a business can have a DMZ and several internal subnets, combined with complex rule sets to restrict and grant specific traffic. Firewall testing is not only recommended for businesses, it is essential. A firewall testing process that scans the device for open ports and paths inside your network can find holes that you can close. A more aggressive penetration type of firewall testing can scan for vulnerabilities in your security configuration by attempting to hack in using common exploits. This may seem overkill, but being hacked by a qualified firewall testing individual is far more desirable than being compromised by a hacker. Intrusion into your network can allow an individual nearly universal access to all sensitive and proprietary corporate data, including confidential documents, emails and files on end user machines. A comprehensive firewall testing plan will ensure that your security configuration is air tight and decrease the likelihood of your network being violated by undesired parties. Of course, no matter how carefully the firewall testing process goes, no network is one hundred percent secure; new security holes are discovered every single day. Regular firewall testing against newly found threats is proper due diligence in keeping your corporate network as safe as possible.
published in