« back

Edvance Consultation Services

Firewall Optimization

The Service

123 testing Through a non-intrusive manner, we review your critical firewalls (and also network equipment, which may have access control lists) and identify the risks and redundancy, including risky configurations, shadowed or redundant firewall rules, and non-complying settings. We employ industry grade security modeling tool to conduct the analysis. The results could great enhance the firewall security and operation efficiency.


Firewall is a crucial component to secure your infrastructure, yet its management is very difficult. A firewall must be always-on. Very often it is regulating traffics for multiple business functions and applications. The rule-set is frequently changed to catch up with the business development. Very fast, a firewall rule-set becomes very complicated, difficult to manage and review, and may contain unknown security loopholes

Edvance Consulting will make use of industry grade security modeling tool to review your firewall. The service will be conducted in non-intrusive mode, i.e., we don’t need to touch your systems at all. The analytical tool could digest all your firewall and network configurations, so that we are fully aware of your latest network topology and access control rule-set.


  • With this information, Edvance Consulting will deliver detailed information on the following:
  • Non-complying risky rules in your firewalls / network equipment, such as rules allowing any-any traffics;
  • Redundant and shadowed rules in your rule-set; they will slow down your firewall and make them difficult to manage, change, and review;
  • Risky configurations or settings not yet following the firewall vendor best practices;
  • [Optional] The rules that are not utilized at all (i.e. “zero hit-count”) – we need to collect your firewall logs to review if it is required.

The results will be reported and presented. It is a good practice for your organization to engage firewall optimization regularly. The report will help you prioritize your remedial actions, and will demonstrate that your firewall infrastructure is being regularly checked in a professional manner.