Network Security

Ensure your firewall rules are fit for purpose.

A thorough manual review of your firewall configuration to identify weaknesses, misconfigurations, and outdated rules that could expose your network, with clear, actionable recommendations to tighten your perimeter.

Get in Touch View Our Methodology

What we offer

Firewall security, reviewed thoroughly.

Vendor Agnostic

We review firewall rulesets from all major vendors including Palo Alto, Fortinet, Cisco, Check Point, and pfSense, as well as cloud-native security groups.

Beyond Compliance

Our review goes beyond checkbox compliance to assess whether your rules actually enforce the segmentation and access controls your organisation needs.

Categorised Findings

Findings are grouped by category, making it straightforward for your team to work through related rule changes together rather than jumping between unrelated issues.

Scope

Areas we can review.

Unrestricted Destinations

Rules allowing internal machines to connect to any external host on specified ports. Where possible, destination addresses should be limited to intended hosts or wildcard FQDNs.

Unrestricted Ports

Rules lacking port and protocol restrictions, allowing unrestricted data transmission between source and destination addresses.

Overly Permissive Rules

Rules that enforce no limitations on destination address and port, leading to unrestricted outbound access and potentially invalidating more restrictive rules below them.

Incorrect Rule Ordering

Rules that are not in the correct processing order, potentially causing security-critical rules to be bypassed or rendered ineffective by broader rules above them.

Misconfigured Rules

Rules where the description or naming does not align with the actual policy configuration, making the ruleset harder to audit and maintain.

Missing & Disabled Rules

Best practice rules identified in some configurations but absent from others, and disabled rules marked for deletion that should be removed to reduce ACL complexity.

How we work

Our methodology.

Step 01

Scoping

We agree the firewalls in scope, the format of ruleset exports, and any specific network zones or trust boundaries to prioritise.

Step 02

Rule Export

Your team provides ruleset exports in the appropriate format for your firewall vendor, with guidance from our consultants where needed.

Step 03

Review

Systematic, line-by-line review of every rule against security best practices, identifying misconfigurations, redundant entries, and segmentation weaknesses.

Step 04

Reporting

Clear findings with specific rule-level remediation guidance that your team can implement directly.

What you receive

Your deliverables.

Firewall Review Report

A single report covering executive summary, per-rule findings with current vs recommended configuration, severity ratings, and step-by-step remediation guidance.

Findings Debrief

A walkthrough of the results with your technical team, covering key findings, risk context, and remediation priorities, with time for questions.

Ongoing Support

Post-engagement support from the Illume team to answer questions about findings and remediation guidance.

FAQ

Frequently asked questions.

Why should we have a firewall rule review?

Firewall rulesets grow over time as rules are added for new services, projects, and temporary requirements. Without regular review, rulesets accumulate overly permissive rules, outdated entries, and ordering issues that can silently undermine your security posture. A review identifies these issues before they are exploited, and provides a clean baseline to build from.

What information do you need from us?

We need an export of your firewall ruleset in a format supported by your vendor. Most firewalls support CSV or XML exports. We can guide your team through the export process during scoping.

Do you need access to our firewall directly?

Not necessarily. If you can provide a ruleset export, we can perform the review without direct access. However, read-only access to the firewall management interface can be helpful for understanding the broader network context.

Which firewall vendors do you support?

We review rulesets from all major vendors including Palo Alto, Fortinet, Cisco ASA/Firepower, Check Point, pfSense, SonicWall, WatchGuard, and cloud-native security groups in AWS, Azure, and GCP.

How long does a firewall rule review take?

Duration depends on the number of firewalls and the size of the rulesets being reviewed. Smaller environments can be completed quickly, while organisations with thousands of rules or multiple firewall clusters require considerably longer due to our manual, line-by-line approach. We agree the exact duration during scoping so you receive a fixed-price proposal before any work begins.