Firewall Hardening for AAT 


Challenge 

Following an external audit, the Association of Accounting Technicians (AAT) identified a need to review and strengthen their firewall rule sets after a recent server migration to a new provider. The audit recommended a thorough evaluation to ensure that only essential rules were maintained and that their firewall configuration provided optimal security for AAT’s systems. 

Solution 

In our capacity as CTO as a service, we worked with the provider to review the current firewall rule sets. By understanding the client's systems and services, we identified which rules needed to be removed and how rules could be hardened.

The project followed a two-phase approach to minimise service disruptions: 

  • Phase 1: PSP implemented hardened rule sets above the existing configurations. This step ensured immediate security improvements without affecting active services. 

  • Phase 2: After observing traffic patterns and confirming that critical systems and services were unaffected, PSP disabled and removed the outdated rules. During this phase, we monitored the system carefully to ensure that all essential operations remained uninterrupted, and we documented each change to maintain a clear security audit trail. 

Results 

As a result of PSP’s firewall hardening process, AAT achieved an optimised firewall configuration with enhanced security. Redundant and outdated rules were eliminated, reducing the attack surface and minimising potential vulnerabilities. The two-phase approach allowed for a seamless transition to a hardened firewall rule set without disruption to AAT’s operations. Additionally, by documenting each rule and its purpose, PSP provided AAT with a clear, manageable firewall structure, making ongoing security audits and future updates more straightforward. 

Conclusion 

PSP’s firewall hardening process provided AAT with a more secure, streamlined rule set that supports their Cyber Essentials Plus compliance. Each rule was recorded with a clear rationale, ensuring that AAT’s firewall configurations remain transparent, secure, and aligned with their operational requirements. This proactive approach strengthened AAT’s cybersecurity posture and ensured that their firewall is fit for purpose in a dynamic IT environment.