This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How to test your firewall

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to test your firewall

ZEBIT
L3 Networker

‎05-13-2014 02:47 AM

We have a Palo Alto PA500 with several security rules. It seems okay, but the CEO asked that I'm sure the company is secure.

So the question is, how can I test we are safe from the outside world?

0 Likes Likes
6 REPLIES 6

DaveCorwin
Not applicable

‎05-13-2014 05:55 AM

If he wants a thorough test of your network security, he may want to hire a pen tester. Other than that, you could utilize the various functions on the monitor tab. Your question encompasses a rather broad tasking, so you would likely want a plan of action laying out exactly what needed tested prior to the testing. 

0 Likes Likes

ssharma
L5 Sessionator

‎05-13-2014 07:07 AM

Hi Zebit,

Other than penetration test, you can try to access the resources hosted inside and try to access them with ports or services that are not allowed. You can also test same this with outbound traffic. Other test can also include eicar test. You can access ACC tab and also threat and traffic logs to see what all services are denied or allowed and see if that is according to the policy. HTH.

pulukas
L7 Applicator

‎05-18-2014 04:32 AM

If you don't have a budget for external pen testing, you can setup the scanner tools and run a basic exam yourself.  Nmap and metasploit are the basic tools of the pen tester.

Nmap - Free Security Scanner For Network Exploration & Security Audits.

Penetration Testing Software | Metasploit

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
0 Likes Likes

Satish
L4 Transporter

‎05-18-2014 11:57 PM

Hi Zebit,

There are so many option you can check the security parameter of yours network that is called pen testing, for pen testing so many free tool and os are available in cyber space (backtrack, Kali linux , anonymous ). in you concept scan own public ip , find open port , Try DDoc attack , target attack ....... etc

0 Likes Likes

mizhou
L2 Linker

‎05-21-2014 12:09 AM

You can use the Nessus to scan the resource that is protected by the firewall as well.

0 Likes Likes

_slv_
L4 Transporter
In response to mizhou

‎05-21-2014 01:41 AM

Hi

You can use Evader – Advanced Evasion Techniques – Free Security Tool | McAfee

Slawek

0 Likes Likes
  • 4838 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks