Home Compliance & Certification Firewall Configuration Screenshot Guide

Firewall Configuration Screenshot Guide

Last updated on Sep 25, 2025

1. Purpose of this Guide

This artefact proves that your company has firewalls enabled and configured to block malicious traffic. For DNS firewalls, this shows you’ve gone beyond the basics by filtering at the DNS layer, stopping users from even connecting to dangerous sites. Cyber compliance requires this because firewalls are the first shield-wall against intruders.

2. What You Will Submit

You will need:

  • screenshot of your DNS firewall configuration page.

  • The screenshot should clearly show:

    • Filtering rules (malware, phishing, adult content, custom blocklists).

    • Policy enforcement applied to your organisation or network.

    • (If available) Statistics or logs proving the firewall is actively blocking threats.

3. How to Collect / Obtain / Generate This Evidence

StrongKeep's DNS Firewall:

  1. Click "Generate your report"

  2. StrongKeep will provide the report of what malicious network traffic is being blocked for you.

Cisco Umbrella (or similar enterprise DNS firewalls):

  1. Log into the Umbrella dashboard.

  2. Go to Policies → Policy List.

  3. Select the active policy and screenshot the enabled categories (Malware, Phishing, C2, Botnets).

  4. Include evidence of the policy assignment to your network or user group.

Fortinet (FortiGate hardware firewall):

  1. Log into the FortiGate web interface.

  2. Go to Security Profiles → Web Filter / DNS Filter.

  3. Screenshot showing enabled filters (e.g. Malware, Phishing, Block High-Risk Categories).

  4. Optionally, go to Log & Report → Forward Traffic and capture entries showing blocked activity.

4. Evidence Format

  • Accepted file types: PNG, JPG, PDF.

  • Suggested naming format:
    YourCompanyName_FirewallConfig_YYYY-MM-DD.png
    Example: AcmeCorp_FirewallConfig_2025-07-01.png

5. What “Good” Looks Like

  • Firewall shown as enabled.

  • Clear evidence of security categories/rules applied (not blank).

  • (Bonus) Logs or reports showing actual blocks.

  • Screenshot taken from the live firewall console, not a generic image.

Why it matters: auditors want assurance you’re not just saying “we have a firewall,” but showing proof of active, configured protection.

6. Tips

  • Redact IP addresses or sensitive domains before uploading.

  • Pair a configuration screenshot with a report/analytics screenshot to strengthen evidence.

  • If using multiple DNS firewalls (e.g. NextDNS for endpoints, Cisco Umbrella for office), submit one clear screenshot per tool.