About Firewall Monitoring
Nick Hemenway avatar
Written by Nick Hemenway
Updated over a week ago

Halo Security Firewall Monitoring service shows you what's going on with every website or IP address in your arsenal, giving you insight into firewall configuration issues and weaknesses. We continually assess risk at the firewall level, and monitor for exposed ports and services and firewall configuration changes.

Firewall Monitoring should be applied to all of your assets found with the Discovery service.

Access your Firewall Overview here.

You’ll be able to easily see:

  • Open ports

  • Services available

  • Products being used

  • Product versions

For HTTP servers, you’ll also be able to see:

  • Which sites redirect

  • Which have no site

  • HTTP response status

  • Platforms in use

During each firewall scan, we also automatically apply certain tags to help you better manage your assets:

has-dns

DNS service detected

has-ports

Open ports detected

has-website

HTTP service detected

no-dns

No DNS service detected

no-ports

No open ports detected

no-website

No HTTP service detected

How does it work?

Validating firewall security is the first line of defense. Breaches are often caused by unexpected firewall changes or obsolete network services which is why our firewall scanning will:

  • Continuously monitor your firewall for changes.

  • Use a proprietary algorithm for high accuracy.

  • Measure your firewall risk and firewall changes over time.

  • Detect uncommon ports and uncommon services.

Risk levels

For each port, we assign a simple color risk rating:

RED = The service is ALMOST NEVER exposed to the internet.
YELLOW = The service is NOT COMMONLY exposed to the internet.
GREEN = The service is NORMALLY exposed to the internet.

Scanners

  • 74.82.62.128/26

  • 64.39.96.0/20

  • 3.18.82.183/32

  • 108.170.10.168/29

Did this answer your question?