Firewall test strategy

Test Case Generation For Firewall Testing (acsac.org)

A test strategy should cover all areas of the implementation of the firewall. For example, the implementation of the equipment – is it in the correct location, or does it only provide protection for some areas of the network? Do the firewall rules work as intended? If you have a rule to block connections to a specific application, does it actually achieve this? Sometimes applications have back-up hosts in the event that the main host can’t be contacted.

Finally, a firewall should undergo penetration testing. This ensures that no known flaws are present, that all patches are installed, and that the default configuration properties are indeed secure enough.

The link at the head of this page covers the strategy in more detail.