Firewalls - 171-0532-26
Agency/Program/System Description
Firewalls are devices or programs which control the flow of network traffic using sets of rules to prevent unwanted traffic from entering, exiting, or traveling within a network. Firewall rules are used to define the types of permitted or prohibited network traffic. Major components of firewall management include configuring, monitoring, and maintaining firewalls to address cybersecurity threats. The Department of Technology, Management, and Budget’s (DTMB) Enterprise Architecture, Network Security, and Cybersecurity and Infrastructure Protection (CIP) teams are responsible for managing the State’s firewalls. As of June 12, 2026, there were approximately 250 firewalls Statewide with approximately 46,000 firewall rules.
Audit Objectives
- 1. To assess the sufficiency of DTMB’s monitoring of the State’s firewall security.
2. To assess the effectiveness of selected DTMB change controls over the State’s firewalls.
3. To assess the sufficiency of selected DTMB controls over the State’s firewall configurations.
Timing
Estimated Release Date: Late 2026
← Back to all work in progress
