FIREWALL
What is a Firewall?
A firewall is a network security system—either hardware, software, or both—that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. It acts as a barrier between a trusted network and untrusted external networks (like the internet).
Why is a Firewall Useful?
Protects networks from unauthorized access and cyber threats.
Monitors and controls traffic based on defined rules.
Prevents malware, exploits, and intrusion attempts.
Supports compliance with security standards (e.g., PCI-DSS, HIPAA).
Enables segmentation of networks for control and isolation.
How It Works:
Traffic arrives at the firewall from internal or external sources.
Rules are evaluated – based on IP address, port, protocol, etc.
A decision is made: allow, deny, or log the traffic.
Traffic is forwarded or blocked accordingly.
Logs and alerts are generated for monitoring and auditing.
Where is a Firewall Used?
Enterprise networks – to protect internal infrastructure.
Cloud environments – as virtual firewalls (e.g., AWS Security Groups, Azure NSGs).
Home networks – within routers or personal firewall applications.
Data centers – to segment and secure workloads.
Industrial systems – for securing OT/SCADA networks.
Which OSI Layer Does This Concept Belong To?
Firewalls operate primarily at Layer 3 (Network) and Layer 4 (Transport) of the OSI model.
They analyze IP addresses, TCP/UDP ports, and protocols.
Next-Generation Firewalls (NGFWs) may also inspect traffic at Layer 7 (Application Layer) such as HTTP, DNS, or FTP.
Terminology
Version Info
S.No | Firewall Version | RFC Number | Core Idea / Contribution | Year |
---|---|---|---|---|
1 | Packet Filtering | RFC 2979 | Behavioral expectations for Internet firewalls | 2000 |
2 | Firewall Traversal (SIP) | RFC 5626 | Managing NAT and firewall traversal for SIP clients | 2009 |
3 | Middlebox Communication | RFC 3303 | Middlebox communication architecture and framework (firewalls, NATs, etc.) | 2002 |
4 | Firewall-Friendly FTP | RFC 1579 | FTP operation through firewalls using passive mode | 1994 |
5 | Firewall Policy Control | RFC 3746 | Generalized framework for policy-based routing and firewall control | 2004 |
6 | NAT and Firewall Traversal | RFC 3489 | STUN protocol for NAT/firewall traversal | 2003 |
7 | Firewall Bypass (TURN) | RFC 5766 | TURN protocol for relaying media through firewalls and NATs | 2010 |
8 | Firewall Detection | RFC 8155 | Methods for detecting firewalls and NATs in IPv6 networks | 2017 |
Setup
TCP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
1 | TCP | Connection request (SYN), data transfer, ACK | 40–1500 |
 | Source Port | Port number of sender | 2 |
 | Destination Port | Port number of receiver | 2 |
 | Sequence Number | Tracks packet order | 4 |
 | Acknowledgment Number | Confirms received data | 4 |
 | Data Offset | Header length | 0.5 |
 | Flags | Control bits (SYN, ACK, etc.) | 1 |
 | Window Size | Flow control | 2 |
 | Checksum | Error-checking | 2 |
 | Urgent Pointer | Marks urgent data | 2 |
 | Options | Extra settings (e.g., MSS) | 0–40 |
 | Payload | Actual data | 0–1460 |
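An added example (not from the original page) that decodes the TCP fields listed in the table above the way a filtering device has to before it can match on ports or flags. It rejects truncated headers and impossible Data Offset values instead of guessing; the function names and the sample SYN segment are constructed for illustration.

```python
import struct
from typing import Optional

# Bit positions in the flags byte, least significant bit first.
FLAG_BITS = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")


def parse_tcp_segment(segment: bytes) -> dict:
    """Split a raw TCP segment into the fields from the table."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte fixed TCP header")
    (sport, dport, seq, ack, off_res, flags,
     window, checksum, urgent) = struct.unpack("!HHIIBBHHH", segment[:20])
    # Data Offset is the upper 4 bits, counted in 32-bit words.
    header_len = (off_res >> 4) * 4
    if header_len < 20:
        raise ValueError("data offset below the minimum of 5 words")
    if header_len > len(segment):
        raise ValueError("data offset points past the end of the segment")
    return {
        "src_port": sport,
        "dst_port": dport,
        "seq": seq,
        "ack": ack,
        "header_len": header_len,
        "flags": [name for bit, name in enumerate(FLAG_BITS) if flags & (1 << bit)],
        "window": window,
        "checksum": checksum,
        "urgent": urgent,
        "options": segment[20:header_len],   # 0-40 bytes
        "payload": segment[header_len:],
    }


def flag_anomaly(flags) -> Optional[str]:
    """Return a reason if the flag combination never occurs in a normal
    TCP exchange, else None. Covers three well-known cases only."""
    present = set(flags)
    if not present:
        return "no flags set"
    if {"SYN", "FIN"} <= present:
        return "SYN and FIN set together"
    if {"SYN", "RST"} <= present:
        return "SYN and RST set together"
    return None


# Constructed sample: a SYN from port 49152 to port 443 carrying one
# option (MSS = 1460), so Data Offset is 6 words = 24 bytes.
SAMPLE_SYN = struct.pack("!HHIIBBHHH", 49152, 443, 1000, 0,
                         6 << 4, 0x02, 64240, 0, 0) + bytes([2, 4, 0x05, 0xB4])

if __name__ == "__main__":
    header = parse_tcp_segment(SAMPLE_SYN)
    print(header)
    print("anomaly:", flag_anomaly(header["flags"]))
```
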
UDP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
2 | UDP | DNS query, video/audio streaming packets | 28–1500 |
 | Source Port | Port number of sender | 2 |
 | Destination Port | Port number of receiver | 2 |
 | Length | Total length of UDP packet | 2 |
 | Checksum | Error-checking | 2 |
 | Payload | Actual data | 0–1472 |
ICMP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
3 | ICMP | Ping request/reply (Echo) | 28–64 |
 | Type | ICMP message type (e.g., Echo) | 1 |
 | Code | Subtype of message | 1 |
 | Checksum | Error-checking | 2 |
 | Identifier | Used to match requests/replies | 2 |
 | Sequence Number | Tracks order | 2 |
 | Payload | Optional data | 0–56 |
HTTP/HTTPS Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
4 | HTTP/HTTPS | Web page request/response | 512–1500 |
 | Request Line | Method, URL, HTTP version | ~20–100 |
 | Headers | Metadata (Host, User-Agent, etc.) | ~200–800 |
 | Body | Actual content (e.g., form data) | 0–1400 |
DNS Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
5 | DNS | Domain name resolution query/response | 64–512 |
 | Transaction ID | Identifies request/response | 2 |
 | Flags | Query/response, recursion, etc. | 2 |
 | Questions | Number of queries | 2 |
 | Answers | Number of answers | 2 |
 | Authority | Number of authority records | 2 |
 | Additional | Number of additional records | 2 |
 | Query Section | Domain name, type, class | ~20–50 |
 | Answer Section | IP address or CNAME | ~20–100 |
SMTP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
6 | SMTP | Email transmission packets | 512–1500 |
 | Command | SMTP command (e.g., HELO, MAIL FROM) | ~4–10 |
 | Header | Email metadata (From, To, Subject) | ~100–800 |
 | Body | Email content | 0–1400 |
 | TCP Header | Transport layer info (ports, flags) | 20 |
 | IP Header | Source/destination IP, TTL, etc. | 20 |
SNMP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
7 | SNMP | Network monitoring and management packets | 48–512 |
 | Version | SNMP version (v1, v2c, v3) | 1 |
 | Community String | Authentication string | ~8–32 |
 | PDU Type | Type of SNMP message (GET, SET, etc.) | 1 |
 | Request ID | Identifies the request | 4 |
 | Error Status | Indicates error (if any) | 1 |
 | Error Index | Points to error field | 1 |
 | Variable Bindings | OID and value pairs | ~32–400 |
 | UDP Header | Source/destination ports, checksum | 8 |
 | IP Header | Source/destination IP, TTL, etc. | 20 |
GRE/IPSec Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
8 | GRE/IPSec | VPN tunneling packets | 64–1500 |
 | Flags | Optional features | 2 |
 | Protocol Type | Encapsulated protocol (e.g., IP) | 2 |
 | Payload | Encapsulated packet | 20–1400 |
 | IP Header | Outer IP header | 20 |
DHCP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
9 | DHCP | IP address assignment packets | 300–600 |
 | Op Code | Request (1) or Reply (2) | 1 |
 | Hardware Type | Ethernet = 1 | 1 |
 | Hardware Address Length | MAC address length | 1 |
 | Hops | Relay agent count | 1 |
 | Transaction ID | Identifies session | 4 |
 | Seconds Elapsed | Time since request | 2 |
 | Flags | Broadcast flag | 2 |
 | Client IP Address | If already assigned | 4 |
 | Your IP Address | IP being offered | 4 |
 | Server IP Address | DHCP server address | 4 |
 | Gateway IP Address | Relay agent address | 4 |
 | Client MAC Address | Hardware address | 6 |
 | Server Hostname | Optional | ~64 |
 | Boot File Name | Optional | ~128 |
 | Options | DHCP options (e.g., lease time) | ~60–312 |
 | UDP Header | Source/destination ports | 8 |
 | IP Header | Source/destination IP | 20 |
FTP Packet
S.No | Protocol Packet | Description | Size (Bytes) |
---|---|---|---|
10 | FTP | File transfer control/data packets | 64–1500 |
 | Command | FTP command (e.g., USER, PASS) | ~4–8 |
 | Arguments | Parameters for the command (e.g., username) | ~10–100 |
 | CRLF | End-of-line marker (\r\n) | 2 |
 | TCP Header | Source/destination ports, flags, etc. | 20 |
 | IP Header | Source/destination IP, TTL, etc. | 20 |
S.No | Use Case | Description |
---|---|---|
1 | Network Perimeter Security | Protects internal network from external threats by filtering incoming traffic. |
2 | Application Layer Filtering | Blocks or allows traffic based on application-level data (e.g., HTTP, DNS). |
3 | Intrusion Prevention | Detects and blocks suspicious activity or known attack patterns. |
4 | VPN Gateway Protection | Secures VPN connections and ensures encrypted traffic is properly filtered. |
5 | Data Center Segmentation | Isolates workloads and controls traffic between servers in a data center. |
6 | Cloud Security | Controls traffic between cloud resources using virtual firewalls. |
7 | Remote Access Control | Manages access for remote users and devices, ensuring secure connectivity. |
8 | Compliance Enforcement | Helps meet regulatory requirements by enforcing security policies. |
9 | IoT Device Protection | Filters traffic to and from IoT devices to prevent exploitation. |
10 | Web Filtering | Blocks access to malicious or inappropriate websites. |
S.No | Feature | Description |
---|---|---|
1 | Packet Filtering | Inspects packets based on IP, port, and protocol to allow or block traffic. |
2 | Stateful Inspection | Tracks active connections and makes decisions based on connection state. |
3 | Access Control | Defines rules to permit or deny traffic based on source/destination. |
4 | Logging and Monitoring | Records traffic logs for auditing and real-time threat detection. |
5 | NAT (Network Address Translation) | Hides internal IP addresses from external networks. |
6 | VPN Support | Allows secure remote access through encrypted tunnels. |
7 | Application Layer Filtering | Filters traffic based on application data (e.g., HTTP, FTP). |
8 | Intrusion Detection/Prevention | Identifies and blocks suspicious or malicious activity. |
9 | Web Filtering | Blocks access to specific websites or categories. |
10 | High Availability | Ensures continuous protection through redundancy and failover. |
Packet Filtering - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | Packet Filter Test 1 | Test packet filtering rule #1 with specific IP, port, and protocol. | Packet blocked |
2 | Packet Filter Test 2 | Test packet filtering rule #2 with specific IP, port, and protocol. | Packet allowed |
3 | Packet Filter Test 3 | Test packet filtering rule #3 with specific IP, port, and protocol. | Packet blocked |
4 | Packet Filter Test 4 | Test packet filtering rule #4 with specific IP, port, and protocol. | Packet allowed |
5 | Packet Filter Test 5 | Test packet filtering rule #5 with specific IP, port, and protocol. | Packet blocked |
6 | Packet Filter Test 6 | Test packet filtering rule #6 with specific IP, port, and protocol. | Packet allowed |
7 | Packet Filter Test 7 | Test packet filtering rule #7 with specific IP, port, and protocol. | Packet blocked |
8 | Packet Filter Test 8 | Test packet filtering rule #8 with specific IP, port, and protocol. | Packet allowed |
9 | Packet Filter Test 9 | Test packet filtering rule #9 with specific IP, port, and protocol. | Packet blocked |
10 | Packet Filter Test 10 | Test packet filtering rule #10 with specific IP, port, and protocol. | Packet allowed |
11 | Packet Filter Test 11 | Test packet filtering rule #11 with specific IP, port, and protocol. | Packet blocked |
12 | Packet Filter Test 12 | Test packet filtering rule #12 with specific IP, port, and protocol. | Packet allowed |
13 | Packet Filter Test 13 | Test packet filtering rule #13 with specific IP, port, and protocol. | Packet blocked |
14 | Packet Filter Test 14 | Test packet filtering rule #14 with specific IP, port, and protocol. | Packet allowed |
15 | Packet Filter Test 15 | Test packet filtering rule #15 with specific IP, port, and protocol. | Packet blocked |
16 | Packet Filter Test 16 | Test packet filtering rule #16 with specific IP, port, and protocol. | Packet allowed |
17 | Packet Filter Test 17 | Test packet filtering rule #17 with specific IP, port, and protocol. | Packet blocked |
18 | Packet Filter Test 18 | Test packet filtering rule #18 with specific IP, port, and protocol. | Packet allowed |
19 | Packet Filter Test 19 | Test packet filtering rule #19 with specific IP, port, and protocol. | Packet blocked |
20 | Packet Filter Test 20 | Test packet filtering rule #20 with specific IP, port, and protocol. | Packet allowed |
21 | Packet Filter Test 21 | Test packet filtering rule #21 with specific IP, port, and protocol. | Packet blocked |
22 | Packet Filter Test 22 | Test packet filtering rule #22 with specific IP, port, and protocol. | Packet allowed |
23 | Packet Filter Test 23 | Test packet filtering rule #23 with specific IP, port, and protocol. | Packet blocked |
24 | Packet Filter Test 24 | Test packet filtering rule #24 with specific IP, port, and protocol. | Packet allowed |
25 | Packet Filter Test 25 | Test packet filtering rule #25 with specific IP, port, and protocol. | Packet blocked |
26 | Packet Filter Test 26 | Test packet filtering rule #26 with specific IP, port, and protocol. | Packet allowed |
27 | Packet Filter Test 27 | Test packet filtering rule #27 with specific IP, port, and protocol. | Packet blocked |
28 | Packet Filter Test 28 | Test packet filtering rule #28 with specific IP, port, and protocol. | Packet allowed |
29 | Packet Filter Test 29 | Test packet filtering rule #29 with specific IP, port, and protocol. | Packet blocked |
30 | Packet Filter Test 30 | Test packet filtering rule #30 with specific IP, port, and protocol. | Packet allowed |
31 | Packet Filter Test 31 | Test packet filtering rule #31 with specific IP, port, and protocol. | Packet blocked |
32 | Packet Filter Test 32 | Test packet filtering rule #32 with specific IP, port, and protocol. | Packet allowed |
33 | Packet Filter Test 33 | Test packet filtering rule #33 with specific IP, port, and protocol. | Packet blocked |
34 | Packet Filter Test 34 | Test packet filtering rule #34 with specific IP, port, and protocol. | Packet allowed |
35 | Packet Filter Test 35 | Test packet filtering rule #35 with specific IP, port, and protocol. | Packet blocked |
36 | Packet Filter Test 36 | Test packet filtering rule #36 with specific IP, port, and protocol. | Packet allowed |
37 | Packet Filter Test 37 | Test packet filtering rule #37 with specific IP, port, and protocol. | Packet blocked |
38 | Packet Filter Test 38 | Test packet filtering rule #38 with specific IP, port, and protocol. | Packet allowed |
39 | Packet Filter Test 39 | Test packet filtering rule #39 with specific IP, port, and protocol. | Packet blocked |
40 | Packet Filter Test 40 | Test packet filtering rule #40 with specific IP, port, and protocol. | Packet allowed |
41 | Packet Filter Test 41 | Test packet filtering rule #41 with specific IP, port, and protocol. | Packet blocked |
42 | Packet Filter Test 42 | Test packet filtering rule #42 with specific IP, port, and protocol. | Packet allowed |
43 | Packet Filter Test 43 | Test packet filtering rule #43 with specific IP, port, and protocol. | Packet blocked |
44 | Packet Filter Test 44 | Test packet filtering rule #44 with specific IP, port, and protocol. | Packet allowed |
45 | Packet Filter Test 45 | Test packet filtering rule #45 with specific IP, port, and protocol. | Packet blocked |
46 | Packet Filter Test 46 | Test packet filtering rule #46 with specific IP, port, and protocol. | Packet allowed |
47 | Packet Filter Test 47 | Test packet filtering rule #47 with specific IP, port, and protocol. | Packet blocked |
48 | Packet Filter Test 48 | Test packet filtering rule #48 with specific IP, port, and protocol. | Packet allowed |
49 | Packet Filter Test 49 | Test packet filtering rule #49 with specific IP, port, and protocol. | Packet blocked |
50 | Packet Filter Test 50 | Test packet filtering rule #50 with specific IP, port, and protocol. | Packet allowed |
Stateful Inspection - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | Stateful Test 1 | Allow new TCP connection from trusted IP | Connection allowed |
2 | Stateful Test 2 | Block TCP packet without SYN flag | Packet dropped |
3 | Stateful Test 3 | Allow established TCP session continuation | Packet allowed |
4 | Stateful Test 4 | Drop unsolicited inbound UDP packet | Packet dropped |
5 | Stateful Test 5 | Allow DNS response for tracked query | Packet allowed |
6 | Stateful Test 6 | Block ICMP reply without matching request | Packet dropped |
7 | Stateful Test 7 | Allow FTP data connection after control session established | Connection allowed |
8 | Stateful Test 8 | Drop TCP FIN packet without session context | Packet dropped |
9 | Stateful Test 9 | Allow HTTPS traffic with valid session state | Packet allowed |
10 | Stateful Test 10 | Block TCP RST packet from unknown source | Packet dropped |
11 | Stateful Test 11 | Allow UDP response within timeout window | Packet allowed |
12 | Stateful Test 12 | Drop UDP response after session timeout | Packet dropped |
13 | Stateful Test 13 | Allow ICMP Echo Reply for tracked Echo Request | Packet allowed |
14 | Stateful Test 14 | Block TCP ACK without prior SYN | Packet dropped |
15 | Stateful Test 15 | Allow SMTP session continuation | Packet allowed |
16 | Stateful Test 16 | Drop TCP packet with invalid sequence number | Packet dropped |
17 | Stateful Test 17 | Allow SSH session from internal to external | Connection allowed |
18 | Stateful Test 18 | Block unsolicited inbound SSH packet | Packet dropped |
19 | Stateful Test 19 | Allow HTTP response for tracked request | Packet allowed |
20 | Stateful Test 20 | Drop TCP packet with expired session state | Packet dropped |
21 | Stateful Test 21 | Allow SIP signaling with valid session tracking | Packet allowed |
22 | Stateful Test 22 | Block SIP media stream without signaling context | Packet dropped |
23 | Stateful Test 23 | Allow VPN tunnel traffic after handshake | Packet allowed |
24 | Stateful Test 24 | Drop GRE packet without session context | Packet dropped |
25 | Stateful Test 25 | Allow ICMP Time Exceeded for tracked session | Packet allowed |
26 | Stateful Test 26 | Block fragmented packet without session info | Packet dropped |
27 | Stateful Test 27 | Allow DNS over TCP with valid session | Packet allowed |
28 | Stateful Test 28 | Drop TCP packet with mismatched ACK number | Packet dropped |
29 | Stateful Test 29 | Allow POP3 session continuation | Packet allowed |
30 | Stateful Test 30 | Block unsolicited POP3 packet | Packet dropped |
31 | Stateful Test 31 | Allow NTP response for tracked request | Packet allowed |
32 | Stateful Test 32 | Drop NTP response without matching request | Packet dropped |
33 | Stateful Test 33 | Allow Telnet session from internal host | Connection allowed |
34 | Stateful Test 34 | Block Telnet packet from unknown source | Packet dropped |
35 | Stateful Test 35 | Allow HTTPS session resume | Packet allowed |
36 | Stateful Test 36 | Drop TCP packet with invalid flags | Packet dropped |
37 | Stateful Test 37 | Allow SMB session from trusted subnet | Packet allowed |
38 | Stateful Test 38 | Block SMB packet from untrusted source | Packet dropped |
39 | Stateful Test 39 | Allow ICMP Destination Unreachable for tracked session | Packet allowed |
40 | Stateful Test 40 | Drop ICMP packet not matching any session | Packet dropped |
41 | Stateful Test 41 | Allow HTTP/2 session continuation | Packet allowed |
42 | Stateful Test 42 | Block HTTP/2 packet without session context | Packet dropped |
43 | Stateful Test 43 | Allow RDP session from internal network | Connection allowed |
44 | Stateful Test 44 | Block RDP packet from external network | Packet dropped |
45 | Stateful Test 45 | Allow VoIP RTP stream after SIP session established | Packet allowed |
46 | Stateful Test 46 | Drop RTP stream without SIP signaling | Packet dropped |
47 | Stateful Test 47 | Allow DHCP response for tracked request | Packet allowed |
48 | Stateful Test 48 | Block DHCP offer without matching discover | Packet dropped |
49 | Stateful Test 49 | Allow HTTPS traffic with session persistence | Packet allowed |
50 | Stateful Test 50 | Drop TCP packet from blacklisted IP despite session | Packet dropped |
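An added example (not from the original page) of the connection table behind several of the stateful test cases above: a new TCP flow must start with a bare SYN from the trusted side, replies are allowed only while a matching entry exists, and idle entries expire. The class names, timeout values and addresses are assumptions made for illustration, and sequence-number checks (Tests 16 and 28) are deliberately left out.

```python
from dataclasses import dataclass

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
TCP_TIMEOUT = 300   # seconds; assumed idle timeout
UDP_TIMEOUT = 30    # seconds; assumed idle timeout


@dataclass(frozen=True)
class Pkt:
    proto: str              # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    flags: int = 0          # TCP flag bits, 0 for UDP
    outbound: bool = False  # True when sent from the trusted side


class StateTable:
    """Policy modelled: inside hosts may initiate, outside hosts may only reply."""

    def __init__(self):
        self.flows = {}     # flow key -> expiry time

    @staticmethod
    def _key(p: Pkt):
        # Normalise both directions of a flow to (proto, inside, outside).
        if p.outbound:
            return (p.proto, p.src, p.sport, p.dst, p.dport)
        return (p.proto, p.dst, p.dport, p.src, p.sport)

    def process(self, p: Pkt, now: float) -> str:
        key = self._key(p)
        timeout = TCP_TIMEOUT if p.proto == "tcp" else UDP_TIMEOUT
        expiry = self.flows.get(key)
        if expiry is not None and now > expiry:
            del self.flows[key]          # Tests 12 and 20: state timed out
            expiry = None
        if expiry is not None:
            if p.proto == "tcp" and p.flags & RST:
                del self.flows[key]      # reset tears the flow down
            else:
                self.flows[key] = now + timeout
            return "allow"               # Tests 3 and 11: tracked flow
        if not p.outbound:
            return "drop"                # Tests 4, 8, 10: unsolicited inbound
        if p.proto == "tcp" and (p.flags & (SYN | ACK | FIN | RST)) != SYN:
            return "drop"                # Tests 2 and 14: no prior SYN
        self.flows[key] = now + timeout  # Test 1: new flow from trusted side
        return "allow"


def run_demo():
    """Replay a constructed packet sequence and return the verdicts."""
    inside, server, stranger = "10.0.0.5", "198.51.100.20", "203.0.113.9"
    table = StateTable()
    steps = [
        (Pkt("tcp", inside, 40000, server, 443, SYN, True), 0),
        (Pkt("tcp", server, 443, inside, 40000, SYN | ACK), 1),
        (Pkt("tcp", stranger, 443, inside, 40000, ACK), 2),
        (Pkt("tcp", inside, 40001, server, 443, ACK, True), 3),
        (Pkt("tcp", stranger, 443, inside, 40000, RST), 4),
        (Pkt("udp", inside, 53000, server, 53, 0, True), 10),
        (Pkt("udp", server, 53, inside, 53000), 20),
        (Pkt("udp", server, 53, inside, 53000), 100),
    ]
    return [table.process(pkt, now) for pkt, now in steps]


if __name__ == "__main__":
    print(run_demo())
```
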
Access Control - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | Access Control Test 1 | Allow traffic from trusted internal IP to web server | Access granted |
2 | Access Control Test 2 | Block traffic from blacklisted IP | Access denied |
3 | Access Control Test 3 | Allow SSH access from admin subnet | Access granted |
4 | Access Control Test 4 | Deny SSH access from public IP | Access denied |
5 | Access Control Test 5 | Allow HTTP traffic on port 80 | Access granted |
6 | Access Control Test 6 | Block HTTP traffic on non-standard port | Access denied |
7 | Access Control Test 7 | Allow DNS queries from internal network | Access granted |
8 | Access Control Test 8 | Block DNS queries from unauthorized subnet | Access denied |
9 | Access Control Test 9 | Allow ICMP ping from monitoring server | Access granted |
10 | Access Control Test 10 | Block ICMP from external sources | Access denied |
11 | Access Control Test 11 | Allow FTP access to file server | Access granted |
12 | Access Control Test 12 | Block FTP access from guest network | Access denied |
13 | Access Control Test 13 | Allow SMTP traffic from mail server | Access granted |
14 | Access Control Test 14 | Block SMTP traffic from unknown IP | Access denied |
15 | Access Control Test 15 | Allow RDP access from IT department | Access granted |
16 | Access Control Test 16 | Block RDP access from external network | Access denied |
17 | Access Control Test 17 | Allow VPN access from remote employees | Access granted |
18 | Access Control Test 18 | Block VPN access from unregistered devices | Access denied |
19 | Access Control Test 19 | Allow access to internal database from app server | Access granted |
20 | Access Control Test 20 | Block access to database from public network | Access denied |
21 | Access Control Test 21 | Allow NTP traffic to time server | Access granted |
22 | Access Control Test 22 | Block NTP traffic from unknown sources | Access denied |
23 | Access Control Test 23 | Allow VoIP traffic from internal phones | Access granted |
24 | Access Control Test 24 | Block VoIP traffic from external IPs | Access denied |
25 | Access Control Test 25 | Allow HTTPS traffic to secure web server | Access granted |
26 | Access Control Test 26 | Block HTTPS traffic on port 8080 | Access denied |
27 | Access Control Test 27 | Allow SNMP traffic from monitoring tools | Access granted |
28 | Access Control Test 28 | Block SNMP traffic from unauthorized IPs | Access denied |
29 | Access Control Test 29 | Allow access to cloud services from internal network | Access granted |
30 | Access Control Test 30 | Block access to cloud services from guest Wi-Fi | Access denied |
31 | Access Control Test 31 | Allow access to internal Git server from dev team | Access granted |
32 | Access Control Test 32 | Block access to Git server from external IP | Access denied |
33 | Access Control Test 33 | Allow DHCP traffic from trusted DHCP server | Access granted |
34 | Access Control Test 34 | Block rogue DHCP server broadcasts | Access denied |
35 | Access Control Test 35 | Allow access to CRM system from sales team subnet | Access granted |
36 | Access Control Test 36 | Block access to CRM system from external IP | Access denied |
37 | Access Control Test 37 | Allow access to internal wiki from corporate network | Access granted |
38 | Access Control Test 38 | Block access to internal wiki from guest network | Access denied |
39 | Access Control Test 39 | Allow access to backup server from backup software | Access granted |
40 | Access Control Test 40 | Block access to backup server from user devices | Access denied |
41 | Access Control Test 41 | Allow access to HR portal from HR subnet | Access granted |
42 | Access Control Test 42 | Block access to HR portal from other departments | Access denied |
43 | Access Control Test 43 | Allow access to finance system from finance team | Access granted |
44 | Access Control Test 44 | Block access to finance system from IT team | Access denied |
45 | Access Control Test 45 | Allow access to printer from internal network | Access granted |
46 | Access Control Test 46 | Block access to printer from guest network | Access denied |
47 | Access Control Test 47 | Allow access to internal API from frontend servers | Access granted |
48 | Access Control Test 48 | Block access to internal API from external IPs | Access denied |
49 | Access Control Test 49 | Allow access to internal storage from authorized users | Access granted |
50 | Access Control Test 50 | Block access to internal storage from unauthorized users | Access denied |
Logging and Monitoring - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | Log Test 1 | Log allowed HTTP traffic from internal network | Log entry created |
2 | Log Test 2 | Log blocked SSH attempt from external IP | Log entry created |
3 | Log Test 3 | Log dropped ICMP packet from unknown source | Log entry created |
4 | Log Test 4 | Log successful VPN connection | Log entry created |
5 | Log Test 5 | Log failed VPN authentication attempt | Log entry created |
6 | Log Test 6 | Log FTP access from internal user | Log entry created |
7 | Log Test 7 | Log DNS query from guest network | Log entry created |
8 | Log Test 8 | Log blocked access to restricted website | Log entry created |
9 | Log Test 9 | Log allowed SMTP traffic | Log entry created |
10 | Log Test 10 | Log denied RDP access from external IP | Log entry created |
11 | Log Test 11 | Log port scan attempt | Alert generated |
12 | Log Test 12 | Log brute-force login attempt | Alert generated |
13 | Log Test 13 | Log access to admin panel | Log entry created |
14 | Log Test 14 | Log blocked Telnet connection | Log entry created |
15 | Log Test 15 | Log allowed HTTPS session | Log entry created |
16 | Log Test 16 | Log expired session termination | Log entry created |
17 | Log Test 17 | Log traffic from blacklisted IP | Alert generated |
18 | Log Test 18 | Log access to internal database | Log entry created |
19 | Log Test 19 | Log blocked access to internal API | Log entry created |
20 | Log Test 20 | Log allowed VoIP traffic | Log entry created |
21 | Log Test 21 | Log blocked VoIP traffic from external IP | Log entry created |
22 | Log Test 22 | Log DHCP request from unauthorized device | Log entry created |
23 | Log Test 23 | Log SNMP traffic from monitoring server | Log entry created |
24 | Log Test 24 | Log blocked SNMP traffic from unknown IP | Log entry created |
25 | Log Test 25 | Log access to cloud storage | Log entry created |
26 | Log Test 26 | Log blocked access to cloud service | Log entry created |
27 | Log Test 27 | Log internal user accessing external FTP | Log entry created |
28 | Log Test 28 | Log blocked ICMP redirect | Log entry created |
29 | Log Test 29 | Log access to HR portal | Log entry created |
30 | Log Test 30 | Log blocked access to finance system | Log entry created |
31 | Log Test 31 | Log allowed Git traffic from dev team | Log entry created |
32 | Log Test 32 | Log blocked Git traffic from external IP | Log entry created |
33 | Log Test 33 | Log access to internal wiki | Log entry created |
34 | Log Test 34 | Log blocked access to internal wiki | Log entry created |
35 | Log Test 35 | Log access to backup server | Log entry created |
36 | Log Test 36 | Log blocked access to backup server | Log entry created |
37 | Log Test 37 | Log access to internal printer | Log entry created |
38 | Log Test 38 | Log blocked access to printer from guest network | Log entry created |
39 | Log Test 39 | Log access to internal API | Log entry created |
40 | Log Test 40 | Log blocked access to internal API | Log entry created |
41 | Log Test 41 | Log access to internal storage | Log entry created |
42 | Log Test 42 | Log blocked access to internal storage | Log entry created |
43 | Log Test 43 | Log firewall rule change | Configuration log created |
44 | Log Test 44 | Log firewall reboot | System log created |
45 | Log Test 45 | Log policy update | Configuration log created |
46 | Log Test 46 | Log admin login to firewall | Audit log created |
47 | Log Test 47 | Log failed admin login attempt | Alert generated |
48 | Log Test 48 | Log configuration backup | System log created |
49 | Log Test 49 | Log firmware update | System log created |
50 | Log Test 50 | Log log file rotation | System log created |
NAT - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | NAT Test 1 | Translate private IP to public IP for outbound web traffic | Translation successful |
2 | NAT Test 2 | Block outbound traffic without NAT rule | Traffic blocked |
3 | NAT Test 3 | Translate multiple internal IPs to one public IP (PAT) | Translation successful |
4 | NAT Test 4 | Translate internal IP to specific public IP (Static NAT) | Translation successful |
5 | NAT Test 5 | Translate internal IP range to public IP pool (Dynamic NAT) | Translation successful |
6 | NAT Test 6 | Block inbound traffic without port forwarding | Traffic blocked |
7 | NAT Test 7 | Allow inbound HTTP traffic via port forwarding | Traffic allowed |
8 | NAT Test 8 | Translate internal DNS request to external IP | Translation successful |
9 | NAT Test 9 | Translate internal FTP request to external server | Translation successful |
10 | NAT Test 10 | Block FTP traffic without NAT rule | Traffic blocked |
11 | NAT Test 11 | Translate VoIP traffic using NAT | Translation successful |
12 | NAT Test 12 | Drop SIP call due to missing NAT traversal | Call failed |
13 | NAT Test 13 | Translate ICMP Echo Request to public IP | Translation successful |
14 | NAT Test 14 | Block ICMP without NAT rule | Traffic blocked |
15 | NAT Test 15 | Translate internal SMTP traffic to public IP | Translation successful |
16 | NAT Test 16 | Block SMTP traffic without NAT | Traffic blocked |
17 | NAT Test 17 | Translate internal HTTPS request | Translation successful |
18 | NAT Test 18 | Translate internal SSH session | Translation successful |
19 | NAT Test 19 | Block SSH without NAT rule | Traffic blocked |
20 | NAT Test 20 | Translate internal RDP session | Translation successful |
21 | NAT Test 21 | Block RDP without NAT rule | Traffic blocked |
22 | NAT Test 22 | Translate internal DNS response | Translation successful |
23 | NAT Test 23 | Translate internal NTP request | Translation successful |
24 | NAT Test 24 | Block NTP without NAT rule | Traffic blocked |
25 | NAT Test 25 | Translate internal SNMP request | Translation successful |
26 | NAT Test 26 | Block SNMP without NAT rule | Traffic blocked |
27 | NAT Test 27 | Translate internal Git traffic | Translation successful |
28 | NAT Test 28 | Translate internal API call | Translation successful |
29 | NAT Test 29 | Translate internal cloud storage access | Translation successful |
30 | NAT Test 30 | Translate internal backup traffic | Translation successful |
31 | NAT Test 31 | Translate internal CRM access | Translation successful |
32 | NAT Test 32 | Translate internal HR portal access | Translation successful |
33 | NAT Test 33 | Translate internal finance system access | Translation successful |
34 | NAT Test 34 | Translate internal printer access | Translation successful |
35 | NAT Test 35 | Translate internal wiki access | Translation successful |
36 | NAT Test 36 | Translate internal monitoring tool traffic | Translation successful |
37 | NAT Test 37 | Translate internal DHCP request | Translation successful |
38 | NAT Test 38 | Block DHCP without NAT rule | Traffic blocked |
39 | NAT Test 39 | Translate internal Telnet session | Translation successful |
40 | NAT Test 40 | Block Telnet without NAT rule | Traffic blocked |
41 | NAT Test 41 | Translate internal POP3 traffic | Translation successful |
42 | NAT Test 42 | Translate internal IMAP traffic | Translation successful |
43 | NAT Test 43 | Translate internal LDAP traffic | Translation successful |
44 | NAT Test 44 | Translate internal SMB traffic | Translation successful |
45 | NAT Test 45 | Translate internal HTTPS to external load balancer | Translation successful |
46 | NAT Test 46 | Translate internal traffic to external CDN | Translation successful |
47 | NAT Test 47 | Translate internal traffic to external API gateway | Translation successful |
48 | NAT Test 48 | Translate internal traffic to external analytics platform | Translation successful |
49 | NAT Test 49 | Translate internal traffic to external email service | Translation successful |
50 | NAT Test 50 | Translate internal traffic to external authentication service | Translation successful |
VPN Support - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | VPN Test 1 | Allow IPsec VPN tunnel from remote site | Tunnel established |
2 | VPN Test 2 | Block VPN connection from unauthorized IP | Connection denied |
3 | VPN Test 3 | Allow SSL VPN connection from remote user | Connection successful |
4 | VPN Test 4 | Block SSL VPN with invalid certificate | Connection denied |
5 | VPN Test 5 | Allow L2TP VPN with correct credentials | Tunnel established |
6 | VPN Test 6 | Block L2TP VPN with incorrect credentials | Authentication failed |
7 | VPN Test 7 | Log successful VPN login | Log entry created |
8 | VPN Test 8 | Log failed VPN login attempt | Log entry created |
9 | VPN Test 9 | Allow split tunneling for VPN client | Split tunnel active |
10 | VPN Test 10 | Block traffic outside VPN tunnel | Traffic blocked |
11 | VPN Test 11 | Allow VPN traffic through NAT | Tunnel established |
12 | VPN Test 12 | Block VPN traffic without NAT traversal | Tunnel failed |
13 | VPN Test 13 | Allow VPN access to internal resources | Access granted |
14 | VPN Test 14 | Block VPN access to restricted subnet | Access denied |
15 | VPN Test 15 | Allow VPN client to access DNS server | DNS resolution works |
16 | VPN Test 16 | Block VPN client from accessing internet | Internet blocked |
17 | VPN Test 17 | Allow VPN tunnel re-establishment after disconnect | Tunnel reconnected |
18 | VPN Test 18 | Block VPN tunnel with expired certificate | Connection denied |
19 | VPN Test 19 | Allow VPN traffic on custom port | Tunnel established |
20 | VPN Test 20 | Block VPN traffic on non-standard port | Connection denied |
21 | VPN Test 21 | Allow VPN client to access internal web server | Access granted |
22 | VPN Test 22 | Block VPN client from accessing file server | Access denied |
23 | VPN Test 23 | Allow VPN client to access internal printer | Access granted |
24 | VPN Test 24 | Block VPN client from accessing backup server | Access denied |
25 | VPN Test 25 | Allow VPN client to access internal API | Access granted |
26 | VPN Test 26 | Block VPN client from accessing HR system | Access denied |
27 | VPN Test 27 | Allow VPN client to access finance system | Access granted |
28 | VPN Test 28 | Block VPN client from accessing dev environment | Access denied |
29 | VPN Test 29 | Allow VPN client to access internal Git server | Access granted |
30 | VPN Test 30 | Block VPN client from accessing external websites | Access denied |
31 | VPN Test 31 | Allow VPN client to use internal VoIP system | VoIP works |
32 | VPN Test 32 | Block VPN client from using external VoIP | VoIP blocked |
33 | VPN Test 33 | Allow VPN client to access internal database | Access granted |
34 | VPN Test 34 | Block VPN client from accessing test database | Access denied |
35 | VPN Test 35 | Allow VPN client to access internal CRM | Access granted |
36 | VPN Test 36 | Block VPN client from accessing internal wiki | Access denied |
37 | VPN Test 37 | Allow VPN client to access internal monitoring tools | Access granted |
38 | VPN Test 38 | Block VPN client from accessing SNMP services | Access denied |
39 | VPN Test 39 | Allow VPN client to access internal storage | Access granted |
40 | VPN Test 40 | Block VPN client from accessing unauthorized storage | Access denied |
41 | VPN Test 41 | Allow VPN client to access internal email server | Access granted |
42 | VPN Test 42 | Block VPN client from accessing external email | Access denied |
43 | VPN Test 43 | Allow VPN client to access internal time server | Time sync successful |
44 | VPN Test 44 | Block VPN client from accessing external NTP | Time sync blocked |
45 | VPN Test 45 | Allow VPN client to access internal LDAP | Access granted |
46 | VPN Test 46 | Block VPN client from accessing external LDAP | Access denied |
47 | VPN Test 47 | Allow VPN client to access internal SMB share | Access granted |
48 | VPN Test 48 | Block VPN client from accessing external SMB | Access denied |
49 | VPN Test 49 | Allow VPN client to access internal Telnet service | Access granted |
50 | VPN Test 50 | Block VPN client from accessing Telnet externally | Access denied |
Application Layer Filtering - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | App Filter Test 1 | Allow HTTP traffic to trusted domain | Access granted |
2 | App Filter Test 2 | Block HTTP traffic to blacklisted domain | Access denied |
3 | App Filter Test 3 | Allow HTTPS traffic to secure portal | Access granted |
4 | App Filter Test 4 | Block HTTPS traffic to unauthorized site | Access denied |
5 | App Filter Test 5 | Allow DNS queries to internal DNS server | Access granted |
6 | App Filter Test 6 | Block DNS queries to external DNS server | Access denied |
7 | App Filter Test 7 | Allow FTP traffic to internal file server | Access granted |
8 | App Filter Test 8 | Block FTP traffic to external server | Access denied |
9 | App Filter Test 9 | Allow SMTP traffic from mail server | Access granted |
10 | App Filter Test 10 | Block SMTP traffic from unknown source | Access denied |
11 | App Filter Test 11 | Allow POP3 traffic from internal client | Access granted |
12 | App Filter Test 12 | Block POP3 traffic from external client | Access denied |
13 | App Filter Test 13 | Allow IMAP traffic to internal mail server | Access granted |
14 | App Filter Test 14 | Block IMAP traffic to external mail server | Access denied |
15 | App Filter Test 15 | Allow SSH traffic to internal server | Access granted |
16 | App Filter Test 16 | Block SSH traffic to external server | Access denied |
17 | App Filter Test 17 | Allow Telnet traffic to internal device | Access granted |
18 | App Filter Test 18 | Block Telnet traffic to external device | Access denied |
19 | App Filter Test 19 | Allow RDP traffic to internal workstation | Access granted |
20 | App Filter Test 20 | Block RDP traffic from external network | Access denied |
21 | App Filter Test 21 | Allow VoIP traffic from internal phones | Access granted |
22 | App Filter Test 22 | Block VoIP traffic from external sources | Access denied |
23 | App Filter Test 23 | Allow access to internal web application | Access granted |
24 | App Filter Test 24 | Block access to unauthorized web application | Access denied |
25 | App Filter Test 25 | Allow access to internal API | Access granted |
26 | App Filter Test 26 | Block access to external API | Access denied |
27 | App Filter Test 27 | Allow access to internal CRM system | Access granted |
28 | App Filter Test 28 | Block access to external CRM system | Access denied |
29 | App Filter Test 29 | Allow access to internal HR portal | Access granted |
30 | App Filter Test 30 | Block access to external HR portal | Access denied |
31 | App Filter Test 31 | Allow access to internal finance system | Access granted |
32 | App Filter Test 32 | Block access to external finance system | Access denied |
33 | App Filter Test 33 | Allow access to internal Git server | Access granted |
34 | App Filter Test 34 | Block access to external Git server | Access denied |
35 | App Filter Test 35 | Allow access to internal wiki | Access granted |
36 | App Filter Test 36 | Block access to external wiki | Access denied |
37 | App Filter Test 37 | Allow access to internal backup system | Access granted |
38 | App Filter Test 38 | Block access to external backup system | Access denied |
39 | App Filter Test 39 | Allow access to internal storage system | Access granted |
40 | App Filter Test 40 | Block access to external storage system | Access denied |
41 | App Filter Test 41 | Allow access to internal printer | Access granted |
42 | App Filter Test 42 | Block access to external printer | Access denied |
43 | App Filter Test 43 | Allow access to internal monitoring tools | Access granted |
44 | App Filter Test 44 | Block access to external monitoring tools | Access denied |
45 | App Filter Test 45 | Allow access to internal analytics platform | Access granted |
46 | App Filter Test 46 | Block access to external analytics platform | Access denied |
47 | App Filter Test 47 | Allow access to internal authentication service | Access granted |
48 | App Filter Test 48 | Block access to external authentication service | Access denied |
49 | App Filter Test 49 | Allow access to internal CDN | Access granted |
50 | App Filter Test 50 | Block access to external CDN | Access denied |
Intrusion Detection/Prevention - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | IDPS Test 1 | Detect port scanning attempt | Alert generated |
2 | IDPS Test 2 | Block IP after multiple failed login attempts | IP blocked |
3 | IDPS Test 3 | Detect SQL injection in HTTP request | Alert generated |
4 | IDPS Test 4 | Block SQL injection attempt | Request blocked |
5 | IDPS Test 5 | Detect cross-site scripting (XSS) attack | Alert generated |
6 | IDPS Test 6 | Block XSS attack | Request blocked |
7 | IDPS Test 7 | Detect buffer overflow attempt | Alert generated |
8 | IDPS Test 8 | Block buffer overflow payload | Payload dropped |
9 | IDPS Test 9 | Detect malware signature in file upload | Alert generated |
10 | IDPS Test 10 | Block malware file upload | Upload blocked |
11 | IDPS Test 11 | Detect brute-force SSH login attempts | Alert generated |
12 | IDPS Test 12 | Block SSH brute-force attack | IP blocked |
13 | IDPS Test 13 | Detect DoS attack pattern | Alert generated |
14 | IDPS Test 14 | Block DoS traffic | Traffic dropped |
15 | IDPS Test 15 | Detect SYN flood attack | Alert generated |
16 | IDPS Test 16 | Block SYN flood packets | Packets dropped |
17 | IDPS Test 17 | Detect ICMP flood | Alert generated |
18 | IDPS Test 18 | Block ICMP flood | Packets dropped |
19 | IDPS Test 19 | Detect unauthorized access to admin panel | Alert generated |
20 | IDPS Test 20 | Block access to admin panel from unknown IP | Access denied |
21 | IDPS Test 21 | Detect suspicious DNS tunneling | Alert generated |
22 | IDPS Test 22 | Block DNS tunneling attempt | Traffic blocked |
23 | IDPS Test 23 | Detect command and control (C2) traffic | Alert generated |
24 | IDPS Test 24 | Block C2 communication | Traffic blocked |
25 | IDPS Test 25 | Detect outbound traffic to known malicious IP | Alert generated |
26 | IDPS Test 26 | Block outbound traffic to malicious IP | Traffic blocked |
27 | IDPS Test 27 | Detect suspicious HTTP user-agent string | Alert generated |
28 | IDPS Test 28 | Block HTTP request with malicious user-agent | Request blocked |
29 | IDPS Test 29 | Detect unauthorized file access attempt | Alert generated |
30 | IDPS Test 30 | Block access to restricted file | Access denied |
31 | IDPS Test 31 | Detect suspicious payload in POST request | Alert generated |
32 | IDPS Test 32 | Block POST request with malicious payload | Request blocked |
33 | IDPS Test 33 | Detect use of known exploit tool | Alert generated |
34 | IDPS Test 34 | Block traffic from exploit tool | Traffic blocked |
35 | IDPS Test 35 | Detect abnormal outbound traffic volume | Alert generated |
36 | IDPS Test 36 | Block excessive outbound traffic | Traffic throttled |
37 | IDPS Test 37 | Detect unauthorized access to internal API | Alert generated |
38 | IDPS Test 38 | Block access to internal API from unknown source | Access denied |
39 | IDPS Test 39 | Detect suspicious SMB traffic | Alert generated |
40 | IDPS Test 40 | Block SMB traffic from untrusted source | Traffic blocked |
41 | IDPS Test 41 | Detect ARP spoofing attempt | Alert generated |
42 | IDPS Test 42 | Block ARP spoofing packets | Packets dropped |
43 | IDPS Test 43 | Detect DNS poisoning attempt | Alert generated |
44 | IDPS Test 44 | Block DNS poisoning packets | Packets dropped |
45 | IDPS Test 45 | Detect unauthorized VPN tunnel | Alert generated |
46 | IDPS Test 46 | Block unauthorized VPN traffic | Tunnel blocked |
47 | IDPS Test 47 | Detect suspicious email attachment | Alert generated |
48 | IDPS Test 48 | Block email with malicious attachment | Email blocked |
49 | IDPS Test 49 | Detect lateral movement within network | Alert generated |
50 | IDPS Test 50 | Block internal traffic violating segmentation policy | Traffic blocked |
Web Filtering - Testcases
High Availability - Testcases
S.No | Test Case | Description | Expected Result |
---|---|---|---|
1 | HA Test 1 | Verify primary firewall is active | Primary is active |
2 | HA Test 2 | Verify secondary firewall is in standby | Secondary is standby |
3 | HA Test 3 | Simulate primary firewall failure | Secondary takes over |
4 | HA Test 4 | Restore primary firewall | Primary resumes control |
5 | HA Test 5 | Test failover time | Failover < 5 seconds |
6 | HA Test 6 | Verify session persistence after failover | Sessions maintained |
7 | HA Test 7 | Verify configuration sync between nodes | Configs are identical |
8 | HA Test 8 | Modify config on primary and check sync | Sync successful |
9 | HA Test 9 | Modify config on secondary (should be blocked) | Change rejected |
10 | HA Test 10 | Test heartbeat communication between nodes | Heartbeat detected |
11 | HA Test 11 | Disconnect heartbeat link | Failover triggered |
12 | HA Test 12 | Reconnect heartbeat link | HA state restored |
13 | HA Test 13 | Simulate power failure on primary | Secondary takes over |
14 | HA Test 14 | Simulate network failure on primary | Secondary takes over |
15 | HA Test 15 | Simulate CPU overload on primary | Secondary takes over |
16 | HA Test 16 | Verify log synchronization | Logs are synced |
17 | HA Test 17 | Test firmware upgrade on primary | No impact on traffic |
18 | HA Test 18 | Test firmware upgrade on secondary | No impact on traffic |
19 | HA Test 19 | Test manual failover | Secondary becomes active |
20 | HA Test 20 | Test automatic failback | Primary resumes control |
21 | HA Test 21 | Verify HA status via CLI | Status displayed |
22 | HA Test 22 | Verify HA status via GUI | Status displayed |
23 | HA Test 23 | Test HA alert generation | Alert generated |
24 | HA Test 24 | Test HA email notification | Email received |
25 | HA Test 25 | Test HA SNMP trap | SNMP trap sent |
26 | HA Test 26 | Test HA syslog message | Syslog entry created |
27 | HA Test 27 | Test HA with asymmetric routing | Traffic flows correctly |
28 | HA Test 28 | Test HA with dynamic routing protocols | Routes updated correctly |
29 | HA Test 29 | Test HA with static routes | Routes remain consistent |
30 | HA Test 30 | Test HA with NAT rules | NAT rules preserved |
31 | HA Test 31 | Test HA with firewall policies | Policies preserved |
32 | HA Test 32 | Test HA with VPN tunnels | VPN remains active |
33 | HA Test 33 | Test HA with IPS/IDS enabled | Protection continues |
34 | HA Test 34 | Test HA with web filtering enabled | Filtering continues |
35 | HA Test 35 | Test HA with application control enabled | Control continues |
36 | HA Test 36 | Test HA with SSL inspection enabled | Inspection continues |
37 | HA Test 37 | Test HA with logging server configured | Logs sent correctly |
38 | HA Test 38 | Test HA with external authentication server | Auth remains functional |
39 | HA Test 39 | Test HA with cloud-based management | Cloud sync continues |
40 | HA Test 40 | Test HA with high traffic load | No packet loss |
41 | HA Test 41 | Test HA with multicast traffic | Multicast flows correctly |
42 | HA Test 42 | Test HA with broadcast traffic | Broadcast flows correctly |
43 | HA Test 43 | Test HA with VLAN tagging | VLANs preserved |
44 | HA Test 44 | Test HA with multiple interfaces | Interfaces failover |
45 | HA Test 45 | Test HA with link aggregation | Aggregation preserved |
46 | HA Test 46 | Test HA with DHCP relay | Relay continues |
47 | HA Test 47 | Test HA with DNS proxy | DNS proxy continues |
48 | HA Test 48 | Test HA with captive portal | Portal remains active |
49 | HA Test 49 | Test HA with API integration | API remains functional |
50 | HA Test 50 | Test HA with zero-touch provisioning | Provisioning succeeds |
Reference links