As changes are made to a firewall configuration, firewall testing should be the final step to ensuring that the changes put in place have not created an opening in your security scheme. Even a simple change that might seem innocuous can potentially present a hole an attacker can use to gain access to your systems. A firewall testing sweep performed after a new rule is put in place will examine open ports and identify vulnerabilities that known attacks can use to violate your security scheme and find a way in. Firewall testing is generally performed by a security analyst using a firewall testing program that, with your permission, attempts to hack your firewall. It will provide a list of every open port, and the nature of the access granted by traversing that open port. The firewall can only block access; once a port has been opened to outside parties, it is up to the computer being accessed to be hardened sufficiently to prevent incoming connections from being able to access accounts or find vulnerabilities.
Firewall testing is not only limited to use during configuration changes; new firewall deployments, or even established, untouched firewalls should be scanned on a regular basis to ensure that they are working as designed. The rule set in place on the firewall of a complex network is extensive; casually viewing the rules may not reveal even glaring openings in security like firewall testing can. The risks of having an insecure firewall are immense, and a large enough gap can make the firewall next to useless when faced with a skilled hacker. Taking the time to protect both your site and yourself from the liability presented by an intrusion by a comprehensive firewall testing plan ensures both the security of your corporate network, and your position as network administrator.
