NextGen firewalls, or NGFWs, are a great asset for protecting your network and increasing visibility. As a SOC provider, one of our objectives is detecting misconfigurations in the security solutions deployed across companies.

It doesn’t matter if you have ‘Check Point Software Technologies’, ‘Palo Alto Networks’, ‘Fortinet’ or another one. By analyzing millions of logs daily through our Security Operations Center (SOC), we found many misconfigurations across organizations of all sizes. Below you can find the top 3.

TOP 3 MISCONFIGURATIONS

⚠️ #1

IPS/IDS IS ENABLED BUT TLS INSPECTION IS DISABLED

Most IPS/IDS signatures work at the application layer. Without TLS decryption, these signatures cannot inspect the content of encrypted traffic, so they won’t work.

⚠️ #2

NO PROTECTIONS FOR REMOTE VPNS

Make sure that system accounts are not able to authenticate to your VPN service, and apply threat prevention policies to your remote VPN traffic.

⚠️ #3

NOT SECURING YOUR NEXTGEN FIREWALL

Remember to secure your security solutions: apply strong authentication, check who or what can access your firewall, and periodically check your firewall’s authentication logs.
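
The log checks from #2 and #3, sketched as an added example that is not part of the original post: it flags system accounts that complete a VPN login, repeated failed firewall admin logins, and admin logins from outside the management network. The key=value log layout, the sample events, the `svc_`/`sa-`/trailing-`$` naming convention, the `10.0.5.0/24` management subnet and the threshold of 3 are all assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample events in a generic key=value layout (not a vendor format).
SAMPLE_LOGS = """\
2024-05-02T08:01:11Z service=vpn user=jdoe src=198.51.100.7 result=success
2024-05-02T08:03:40Z service=vpn user=svc_backup src=203.0.113.20 result=success
2024-05-02T08:05:02Z service=admin user=admin src=203.0.113.45 result=failure
2024-05-02T08:05:09Z service=admin user=admin src=203.0.113.45 result=failure
2024-05-02T08:05:15Z service=admin user=admin src=203.0.113.45 result=failure
2024-05-02T08:06:30Z service=admin user=fwadmin src=10.0.5.12 result=success
2024-05-02T08:09:00Z service=admin user=fwadmin src=192.0.2.99 result=success
"""

# Assumptions for illustration: adapt all three to your environment.
SYSTEM_ACCOUNT = re.compile(r"^(svc_|sa-)|\$$")    # hypothetical naming convention
MGMT_NET = ipaddress.ip_network("10.0.5.0/24")     # hypothetical management subnet
FAIL_THRESHOLD = 3                                 # failures per (user, source)

def parse(line):
    # Split 'timestamp key=value ...' into a dict.
    ts, *pairs = line.split()
    return {"ts": ts, **dict(p.split("=", 1) for p in pairs)}

def review(log_text):
    """Return (finding, user, source) tuples for the #2 and #3 checks."""
    findings, failures = [], Counter()
    for line in filter(str.strip, log_text.splitlines()):
        e = parse(line)
        who = (e["user"], e["src"])
        if e["service"] == "vpn":
            # #2: a system account should never complete a VPN login.
            if e["result"] == "success" and SYSTEM_ACCOUNT.search(e["user"]):
                findings.append(("system-account-vpn-login", *who))
        elif e["service"] == "admin":
            if e["result"] == "failure":
                # #3: report once when failures reach the threshold.
                failures[who] += 1
                if failures[who] == FAIL_THRESHOLD:
                    findings.append(("repeated-admin-failures", *who))
            elif ipaddress.ip_address(e["src"]) not in MGMT_NET:
                # #3: successful admin login from outside the management subnet.
                findings.append(("admin-login-outside-mgmt-net", *who))
    return findings

if __name__ == "__main__":
    print(*review(SAMPLE_LOGS), sep="\n")
```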

THE GOOD THING?

All these considerations are easy to fix and can be monitored by a Security Operations Center (SOC).
