Auditing a FW

Things to log and Audit regularly:

  • All Internal Network Traffic allowed outbound
  • All External Network Traffic allowed inbound
  • Inbound Email traffic
  • Outbound Web and FTP Traffic
  • Inbound VPN Tunnels and other Remote Access Sessions
  • All inbound traffic that is blocked
  • PAT and NAT if implemented