ConfigSentry Technical Security Report

Account Report Banner
Your report banner here
Audit Dashboard
Security Posture Summary
A visual overview of security posture, rule-base composition, optimisation opportunities, and technical context before the detailed report sections begin.
Engineer Report View
Security Posture Overview
Critical
Critical issues were found and should be prioritised for remediation.
37
Findings
Severity Breakdown
Critical
5
High
21
Medium
3
Low
3
Informational
5
Outcome Distribution
335
Results
Pass / Fail / Info
Fail
32
Info
5
Pass
298
Report Information
Audit Name Outer-90E Audit
Assessment Date 20/05/2026 22:12
Policies Analyzed 25 rules
Total Effort 167.5 hours
Audited Device Information
Vendor/Type Fortinet/FortiGate
Configured Hostname Outer-90E
Hardware Model FortiGate 90E
Software Version 7.2.11
Audit Rule Template Default (System) - Firewall Baseline
Top Security Findings
CRITICAL
Administrator admin lacks MFA or approved external authentication
Rule 1/ADM-003
4 Affected
CRITICAL
Default administrator account admin is still enabled
Rule 1/ADM-002
1 Affected
HIGH
Avoid broad east-west segmentation rules
Rule 1/SEG-001
14 Affected
HIGH
Restrict administrator logins to trusted hosts
Rule 1/ADM-001
4 Affected
HIGH
Avoid overly broad outbound allow rules
Rule 1/FW-008
1 Affected
Rule Base Analytics
25
Policies
Policy Actions
Allow
21
Deny
2
Disabled
2
Other
0
Allow Rules 21
Deny Rules 2
Disabled Rules 2
VDOMs 2
Interfaces 29
Policy Optimisation
Duplicate Rules 0
0
Shadowed Rules 0
0
Unused Rules 0
0
Overly Permissive Rules 0
0
Any-Any Rules 7
7
Logging Gaps 0
0
Risk Categories
Network Exposure 38%
14
Compliance Impact 24%
9
Logging and Monitoring 19%
7
Configuration Hardening 11%
4
Object Hygiene 5%
2
VPN / Remote Access 3%
1
Audited Sections
Use these filters to include or exclude Global Configuration and individual VDOM scopes in this downloaded report.

Verified Results

Severity Finding Results Effort
No findings match the current filters.

Implementation Guidance

Testing Requirements
Validate remediation in a non-production environment before deployment and confirm that required traffic still functions after changes.
Change Management
Follow change control procedures, retain rollback plans, and document stakeholder approvals for firewall modifications.

Prioritization Approach

  1. Address Critical verified findings within 48–72 hours.
  2. Plan High verified remediation within 1–2 weeks.
  3. Schedule Medium priority fixes in the next maintenance window.
  4. Bundle Low priority items into routine improvement cycles.
  5. Review informational controls separately with engineering and audit stakeholders.

This report was generated by ConfigSentry by secdit.

Product Website Main Website Contact Us