Our Services

  • Network Security Professional Services
  • Large-Scale Firewall Deployments
  • Advanced Security Architecture
  • Vulnerability Scanning
  • Penetration Testing
  • Security Training
  • Security Automation
  • Assessments, Audits, and Compliance

Network Security Professional Services

Firewall Consultants offers a wide range of customizable professional services to meet our clients needs. In each of our offerings our goal is to help our clients with their long-term security needs and only offer solutions which improve our clients security posture. Some of our most popular services are as follows:

  • Security Architecture Design
  • Security Assessments
  • Security Audits
  • Security Automation Services
  • Continuous Security Testing
  • Custom Security Training Classes
  • Disaster Recovery Testing
  • Network Security Assessments
  • Firewall Assessments and Audits
  • Architecture Assessments
  • Cloud Deployment Security Assessments
  • Vendor Assessments
  • SIEM Integration
  • Penetration Testing
  • Vulnerability Scanning
  • Compliance Preparation
  • Complex Environment Security
  • Cloud Migration Security

Most of our services are geared for very large networks but we are very happy to work on smaller projects espescially with high-tech startups. If you have a project in mind definitely contact us to see how we can help.

Large-Scale Firewall Deployments

We have done some huge firewall deployment and redesign projects over the last decade. If you have thousands of firewalls or millions of firewall rules or simply a very complex environment you can be assured we have experience tackling similar projects. We can also provide oversight if you have a particularly high-risk or high-security project that you want to ensure has expert eyes on all aspects before it is deployed.

Large-scale cloud-compute firewall management is also something we've been doing for over a decade. If you are deploying hundreds or thousands of systems onto a large cloud-compute platform and want to ensure that your deployment works with your CI/CD system we are probably exceptionally gifted in helping you with this particular challenge. Likewise if you are doing a large migration to the cloud we can definitely help you avoid a lot of the problems companies with traditional security controls make when migrating to the cloud.

Contact Us if you'd like to see how we can help.

Advanced Security Architecture

Advanced security architecture is really the core of our business. Our team has been designing extremely large and extremely complex security solutions for over a decade for many globally recognized Fortune 500 companies and large government organizations. Good architecture decisions is at the heart of everything we do and we are constantly working to improve our clients networks architecture such that the design elements will offer the strongest levels of protection. Likewise due to our exposure to hundreds of unique security design issues we have learned thousands of little tricks that radically change our clients security posture and can make operating a secure network much easier. One of our goals in architecture design is lowering the overall cost and maintenance of the security controls by reducing attack surface or by using superior security controls we can reduce the operational costs which in turn allow your security team to focus on more advanced issues. Many of these changes will also reduce your overall operating expenses and improve your sites performance at the same time. As with all architecture design decisions the earlier you bring security in the better your overall security posture will be and the less expensive it will be to operate.

Contact Us if you'd like to see how we can help.

Vulnerability Scanning

Are you in a rush to deploy a large-scale vulnerability scanning project ? Want to have a third party manage everything temporarily until your staff get everything else under control but without the risk of vendor lock-in ? Firewall Consultants team can provide everything you need to get your project up and running we can perform all of the testing, enter all the results into your internal ticketing system or we can even setup a dedicated Jira system or simply use Google Docs to track everything for you.

Additionally we can work closely with your staff when they have questions about the best way to remediate specific issues. Once our staff understands what equipment and tools you have available we provide your team with very specific instructions for how to remediate problems quickly for the short term if needed and also provide information on how to manage these issues long-term. This is very different than the system-oriented recommendations that come with all commercial vulnerability scanners and can help save your teams a tremendous amount of time with this process.

If this sounds good to you or you have a specific process in mind contact us and lets work on getting you the exact solution you need.

Penetration Testing

We provide a lot of different types of penetration testing services based on our clients needs. Some clients are looking for ongoing testing to match their application development sprint cycles others are looking to understand how their entire organization looks from a security perspective and some are looking to verify that their vendors, third-party partners, and custodians of their data are implementing proper security controls. In all of these cases the purpose is to make the potential problems visible as soon as possible so they can be corrected. Our company provides a deeper level of testing across all platforms and protocols to enable our clients to dig deeper into their systems and have a stronger more stable platform for their business. Taking this a step further our goal is to help our partners have long-term security so we are very involved in making specific recommendations which reduce the amount of labor and expenses involved in securing their organizations.

Our process is also unique in that we try to strengthen your organization's staff rather than attempt to sell you additional services. In every interaction we do this by leveraging on-site or remote training at all times to continuously enhance your team's strength. In that respect you can think of us as a set of personal trainers or coaches helping your team to grow. This process of growing security in your organization is what we believe really makes a difference long-term. Likewise analyzing security at deeper levels allows us to strengthen your teams knowledge by forcing the team to analyze areas which may otherwise be overlooked. So our approach to penetration testing is a little different in that it's driven by our goals to truly help our clients long-term rather than just providing them with quick technical feedback.

If this sounds like something that interests you please let us know

Security Training

We are BIG on security training. Whether you found out about us via one of our public training classes or have heard about the training we provide while doing on-site work it's probably one of the main things you heard about us before visiting this website. The reason we think training is so important is simple, we want to move your entire organization up a level in security and the only way to do that by strengthening the whole team. To that end we provide a LOT of training when we work with our clients to ensure every project is successful long-term.

Frequently Taught Courses and Presentations:

  • Introduction to Penetration Testing
  • Penetration Testing
  • Cloud Compute Security Issues
  • Security Automation Basics
  • Incident Response Automation
  • Security Architecture Considerations for Cloud Deployment
  • Linux Security on AWS

Whether you want a custom class, something integrated with an assessment, or are curious about our next public class offering contact us and let us know what you're interested in.

Security Automation

Automation of security controls is probably the single most powerful thing any organization can do once they have the basics in place. Whether you are simply looking at security automation to help shorten your security feedback loop for your DevOps team or you want a full-blown security automation solution embedded into your organizations operational systems we can help. Currently most companies are moving to security automation due to the long-term reduction in labor expenses around basic tasks but the real advantage is in high-speed responses to issues as they arise.

We'd be happy to work on automating almost any security control but some that other clients have found useful include:

  • Automating Firewall Rules
  • Automated Incident Response
  • Blocking Brute Force attacks
  • Blocking Web-based Attacks
  • Cloud Compute Infrastructure Defenses
  • Reconfiguring defenses based on Threat Intelligence
  • Detecting Infrastructure Misconfigurations
  • Automatically preventing data loss and exfiltration
  • Replacing compromised systems automatically
  • Disabling network access to compromised hosts
  • Many more specific to clients environments

Contact Us if you'd like to see how we can help.

Security Assessments

Apparently people love having us do their security assessments. We think this is because of the following reasons:

  • We genuinely care about your organizations security and protecting your customers data.
  • We dig MUCH deeper into all sorts of security issues.
  • We then provide easy to understand and easy to deploy solutions for each of the issues found.
  • Your team will be stronger and more knowledgeable when we are done.
  • We want to help reduce the amount of labor in your processes by automating the basics. So our recommendations tend to make your teams work easier.
  • We are focused on your organizations long-term security going forward and understand that all organizations end up creating technical debt in different places that need to be addressed later. This happens, and can be cleaned up.
  • We can help break through political silos which can occur between engineering teams in larger organizations.

Types of assessments we offer

  • Organizational Security Assessments/Audits
  • Vendor Assessments : one or all of your vendors
  • PCI Readiness Assessment
  • Cloud Security Assessment
  • Inside-out egress rule testing
  • Penetration Testing
  • Application Assessments
  • Infrastructure Assessments
  • Disaster Recovery Readiness Assessments
  • Red Team Engagements
  • Social Engineering Assessments
  • Formal Security Audits
  • Firewall Audits and Assessments
  • Competitive Intelligence Data Leakage Assessments
  • Wireless Security Assessments