Our Forensic Readiness Review ensures that an organisation is collecting sufficient logs and storing them in a forensically sound manner in order to facilitate a thorough investigation of an incident and if necessary prosecute the attackers in a court of law.
By default, most organisations do collect some logs from their network devices and various operating systems, however, most don't manage them or consider the "audit policy" which defines which events are recorded.
When we audit a firewall we not only look at whether they are up to date but also review all of the rules to ensure each rule is adequately granular and that the source and destinations are still appropriate, finishing off by checking for an explicit deny.
We also check the architecture for correct placement and to ensure there aren't any potential bypasses. The configuration for each firewall is checked to ensure that licensed functionality is turned on and configured correctly.
Rest assured that we won't make any changes to the firewalls during the audit. Instead, a report will be produced with observations made and recommendations to remediate the issues found.
If the remediation is beyond the capability of your staff we can be engaged to work with you to implement any agreed changes.