Beware advice following a security scan

We recently had a client undergo a security scan of their firewall configuration from an independent third party, and the good news is their scan resulted in a rating of “A” – an excellent result! However, the scan tool made one recommendation to further enhance security. After consulting with the client, we agreed to implement the recommended change and asked the third party to rescan the environment.

Post change, the environment rated a “B”.

So, we reverted to the prior config and rescanned, and they were back to an “A”.

These security scans are only as good as the tools that are used to run them. In this case, the tool was making a faulty recommendation. Keep in mind that when interpreting recommendations, if the only source for the recommendation is the results of a scan from a single tool, the results aren’t guaranteed to be correct. Suite3 bases its advice on what will make an environment most secure, not necessarily on what will result in the best score.