What should be in a firewall audit checklist?

Date December 1, 2005

A friend asked me to audit his firewall at work.
Honestly, I have no clue even though googled for many days.

In this context, I am planning to audit the firewall as follows: Any
comments/suggestions are welcome.

1) The placement or location of the firewall
2) Vulnerability scanning the firewall from outside, e.g., Internet
3) The rulebase or security policy according to its vendor recommendation
4) I will also check the access control (ID, password and priviledges) to
the system.
5) physical security of the system
6) Monitoring of the firewall log, to find out if any port scanning or
hacking activities
7) Rulebase Change Control
8) documentation
9) Please generously point out the missing pieces as you see it.

Any input/comments are greatly appreciated.

Thanks,

Doug

* Firmware version — most notably security updates.

Category Posted in Q & A

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>