Network & Infrastructure — Flagship Service

Firewall & Network Security Review

Deep configuration review of your FortiGate (or Palo Alto / Cisco / SonicWall), firewall rules, network segmentation, and routing security. Led by a practitioner with CCNP + Fortinet + OSCP — a rare combination in the UAE.

AED 12,000 – 30,000 · Fortinet · CCNP · OSCP · 5 – 8 working days
Book a 30-min Scoping Call →

What it is

A deep configuration and design review of your firewall and network perimeter: rule base, interface policies, VPN configuration, segmentation, routing, logging, SSL inspection, UTM profiles, high availability, and administrative hygiene.

We read every rule. We trace every exception. We map the data flows you think exist against the data flows the firewall actually allows. The gap is usually large.

The deliverable is a risk-rated findings report and a target-state design your network team can implement — with specific CLI commands or Portal steps for every change.

What this is not

  • Not a penetration test. No active exploitation — configuration and design only.
  • Not a vendor sales call. Vendor-neutral findings, no licensing upsell.
  • Not a 90-page compliance dump. Actionable findings with specific fix commands.
  • Not delivered by a reseller. We don't resell Fortinet. We review it.

Who this is for

1. Your FortiGate hasn't been reviewed in 2+ years — or never.
2. You inherited the environment after staff churn and nobody knows why half the rules exist.
3. An ISO 27001 auditor flagged network segmentation as a gap.
4. You're preparing a PCI DSS network zone and need to prove segmentation.
5. A recent incident or near-miss makes you want the rule base looked at properly.

What you get

  • Configuration review report — complete rule-base audit with unused, duplicate, overly-permissive, and risky rules flagged.
  • Segmentation map — current-state network zones + target-state recommendation with DMZ, management, user, server, OT/ICS zoning.
  • Findings report — every finding risk-rated with specific FortiGate CLI / GUI remediation steps.
  • Hardening recommendations — UTM profiles, SSL inspection posture, IPS, AV, web filtering, logging to SIEM.
  • Executive summary — 2-page CISO/board view.
  • Walkthrough session — live review with your network team covering every finding.

How we deliver

01. Scoping & access (1 – 2 days): Asset inventory, read-only admin access or config export, scope agreement.
02. Configuration audit (2 – 3 days): Rule-base review, policy cleanup candidates, UTM profile audit, logging configuration.
03. Segmentation & design review (1 – 2 days): Zone mapping, VPN posture, routing security, HA setup, admin access hygiene.
04. Reporting (2 days): Findings report, segmentation map, executive summary, remediation plan.
05. Walkthrough (90 minutes): Live session with your network team. Every finding, every fix, every priority.

Pricing

Published range

AED 12k – 30k

Per engagement. Written quote within 48 hours.

What drives the price:

  • Number of firewalls / HA pairs
  • Rule-base size (100 rules vs. 1,000+)
  • Multi-site / SD-WAN complexity
  • Vendor mix (single vs. multi)
  • Add-on: remediation-support days

Commercial terms

  • Deposit: 50% at signing
  • Net terms: Net-30
  • Quote validity: 30 days
  • Access: read-only admin or config export
  • No production changes without your network team

Your cert-backed team

Lead Reviewer

Vinoth Samiyappa

CCNP · Fortinet · Azure · Six Sigma

Focus: FortiGate configuration, firewall rule-base hygiene, network segmentation, routing security, HA design.

Supervising Practitioner

Manoj Prabhakaran

CPTS · CDSA · Security+ · ISO 27001 Lead Auditor

Focus: Compliance mapping (ISO 27001, NESA, PCI), risk-rating, report quality.

Frequently asked questions

Do you only review FortiGate, or other firewalls too?

FortiGate is our primary expertise — Vinoth holds Fortinet certifications. We also review Palo Alto (PAN-OS), Cisco ASA/FTD, SonicWall, and pfSense. Vendor-mix environments are normal and we handle them end-to-end.

Do you need admin access to the firewall?

Ideally yes — a read-only admin account is sufficient and lets us export full configuration, policy, and log settings. If read-only is impossible, we work from an exported configuration file.

What's the typical finding rate?

On FortiGate environments that haven't had a formal review in 2+ years, we typically find 30 – 200 stale, overly permissive, or misconfigured rules, plus 5 – 15 segmentation gaps. The specific count depends on environment complexity.

How long does it take?

5 – 8 working days for a single-site single-firewall review. Multi-site, HA-pair, and complex SD-WAN environments extend to 10 – 14 days.

Is this a penetration test?

No — this is a configuration and design review (no active exploitation). We often recommend pairing it with our Network Penetration Testing service so the design-level findings get validated by active testing.

Can you help implement the fixes?

Yes. Post-review implementation is offered as follow-on days at a pre-agreed rate, or as a fixed-scope remediation package. Vinoth can work directly with your network team or act as the implementation lead.

Do you handle Zero Trust migrations?

Zero Trust Architecture design launches in 2027 (you can join the waitlist on the Network & Infrastructure category page). For now, we handle traditional firewall hardening and segmentation uplift.

When did someone last read every rule on your firewall?

If the answer is "a long time ago" — book a scoping call. Written quote in 48 hours. We can start inside 1 week.

Book a Scoping Call →