Any business that has grown beyond a handful of employees and has online operations will have a network firewall – a device that acts as a firewall for the entire organisation’s network. While individual devices may include a host-based firewall that can prevent attacks at a device level, the network firewall acts as gateway security and blocks malicious traffic from entering the business network, making the network firewall a critical first-line-of-defence appliance in enterprise cybersecurity.
What is Firewall Hardening?
Hardening a firewall refers to enhancing security by customising the firewall configuration to suit the security and business requirements of each organisation and to rectify any errors in configuration, such as allowing any-to-any or all-to-all communication (only one-to-one communication should be permitted). Firewall hardening can make a significant difference to enterprise cybersecurity; the data breach of one of Australia’s largest health insurers, expected to cost $40+ million to remedy, was partly caused by a misconfigured firewall.
Why Aren’t Network Firewalls Hardened Out Of The Box?
Network firewalls have default settings that will provide a degree of security, but these settings will need to be tweaked to suit the requirements of each organisation. A business that does not make use of Remote Desktop Protocol (RDP) will not require the relevant ports to be open; such a configuration will not be appropriate for a business that uses RDP, which will need the relevant ports to be open and secure. Enterprise firewalls may have thousands of rules due to the requirements of their teams, tools, and industry. A one-size-fits-all approach will not suit such organisations, and their firewall configuration will need to be evaluated and hardened on a case-by-case basis.
When Should Network Firewall Hardening Be Performed?
Network firewall hardening should be performed immediately after:
- The network firewall is installed
- Structural changes occur in the IT infrastructure, such as deployment of new enterprise software tools that require changes in the firewall configuration
- Compliance requirements are introduced that mandate changes in the configuration of the firewall or other IT infrastructure elements that may impact the firewall
If your organisation has not hardened the network firewall after any of the above events have occurred, it is advisable to conduct a firewall hardening exercise immediately.
Benefits of Firewall Hardening
The benefits that enterprises receive from firewall hardening can be broadly classified into 3 categories:
- Cybersecurity – Hardening a network firewall can prevent internal and external threat actors from exploiting security gaps that exist in the enterprise network
- Compliance – Firewall hardening can prevent cybersecurity incidents that attract penalties and other regulatory action
- Performance – A firewall hardening exercise will include a review of firewall rules and removal of rules that are no longer required, improving firewall performance
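An added example, not part of the original article or K7's tooling: a small audit over a constructed, vendor-neutral rule export that flags the conditions discussed above (any-to-any allow rules, RDP reachability when RDP is not needed or is open to any source, and rules that are no longer used). The CSV columns, the `hits_90d` counter used as a stand-in for "no longer required", and the `audit_rules` helper are assumptions for illustration.

```python
import csv
import io

# Constructed, vendor-neutral rule export (not any real firewall's format).
# hits_90d is an assumed per-rule hit counter over the last 90 days.
SAMPLE_RULES = """\
id,action,src,dst,proto,dport,hits_90d
1,allow,10.0.5.0/24,10.0.9.10/32,tcp,443,18234
2,allow,any,any,any,any,99120
3,allow,any,10.0.9.20/32,tcp,3389,0
4,allow,10.0.7.15/32,10.0.9.30/32,tcp,1433,0
5,allow,10.0.8.0/24,10.0.9.20/32,tcp,3389,512
6,deny,any,any,any,any,40311
"""

RDP_PORT = "3389"  # default TCP port for Remote Desktop Protocol


def audit_rules(rules_csv, rdp_in_use=False):
    """Return (rule_id, finding) tuples for allow rules that need review."""
    findings = []
    for rule in csv.DictReader(io.StringIO(rules_csv)):
        if rule["action"] != "allow":
            continue  # only permissive rules widen exposure
        rid = int(rule["id"])
        wide_src = rule["src"] == "any"
        wide_dst = rule["dst"] == "any"
        if wide_src and wide_dst:
            findings.append((rid, "any-to-any"))
        # A rule reaches RDP if it names the port or leaves the port open-ended.
        reaches_rdp = (rule["proto"] in ("tcp", "any")
                       and rule["dport"] in (RDP_PORT, "any"))
        # Flag RDP when the business does not use it, or when any source may connect.
        if reaches_rdp and (not rdp_in_use or wide_src):
            findings.append((rid, "rdp-exposed"))
        if int(rule["hits_90d"]) == 0:
            findings.append((rid, "unused"))
    return findings


if __name__ == "__main__":
    for rid, finding in audit_rules(SAMPLE_RULES):
        print(f"rule {rid}: {finding}")
```

Passing `rdp_in_use=True` keeps the scoped RDP rule (rule 5) out of the findings while still flagging RDP that is reachable from any source.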
Can Internal IT Teams Perform Firewall Hardening?
Firewall hardening may be performed by the internal IT team if they possess the required skills and experience, but is more likely to be performed by a cybersecurity service provider as it requires specialised expertise and in-depth knowledge of security advisories issued by network equipment vendors. When choosing the service provider, prioritise:
- Demonstrated cybersecurity experience with a track record of protecting enterprises operating in security-sensitive industries
- Familiarity with the IT environments, constraints, and technology needs of a wide spectrum of industries
- Exposure to compliance standards and requirements that vary across jurisdictions
- Team members with proven expertise in network firewall hardening
K7 Firewall Hardening
K7 provides firewall hardening services that are designed to maximise enterprise network security and ensure compliance with relevant regulations without affecting operational efficiency. Our process includes:
- As-is Study – Every enterprise has a unique set of business processes, IT tools, technology requirements, and compliance obligations. K7’s team begin the hardening exercise by first assessing the IT ecosystem through an as-is study to understand the nature of the business and its IT infrastructure
- To-be Report – The To-be Report illustrates the desired state of the network within the context of the organisation’s business, processes, resources, and technology requirements
- Gap Report – This report details the gaps between the As-is Study and the To-be Report with an emphasis on the best practices that must be followed to ensure robust enterprise cybersecurity is maintained
- Hardening Document – The Hardening Document combines the results from the As-is Study, To-be Report, and Gap Report to provide a set of recommendations which, when implemented by K7, will optimise network security
- The Hardening Document can also be provided to a network firewall vendor if a new unit is installed, enabling them to deploy the equipment with optimum configuration
K7 Consulting Services delivers firewall hardening and other enterprise cybersecurity services based on over 30 years’ expertise in the cybersecurity industry. Contact us to learn more about how we can help you protect your organisation’s IT resources and satisfy compliance obligations.