Network Security Assessments

External Network Assessment

The external network assessment is focused on all network resources that are visible to the Internet. This includes web servers, web applications, email and FTP servers. These services if not secured properly can result in internal company resources being accessed and exploited by an attacker. Scanning, validating and testing all visible resources is critical in securing the perimeter from attackers. Secure Network uses proprietary software to scan your entire external network infrastructure and then validate each finding.

Internal Network Assessment

The internal network assessment is focused on exploiting network resources that would be visible to individuals with internal network access, such as employees. It is critical for sensitve resources to be protected even from employees, in case there is malicious intent. Our internal process starts again by scanning all internal devices looking for vulnerabilities and validating any findings. All findings are then further tested to determine how far a person can leverage their way across the network.

Scans are performed in three phases:

1. A scan with no credentials
2. A scan with basic user credentials
3. A scan with administrator credentials

Analog Assessment

The analog assessment or "war-dial" is conducted to test the security of all devices with an analog connection such as telephones and modems. Your entire range of telephone numbers are dialed and tested for known security weaknesses.

Wireless Assessment

The wireless assessment or "war-drive" is conducted to test the security of all wireless access points on an organization's network. This test will identify all WAPs and the associated information, all open devices or devices protected by a weak password will be identified. This assessment will help network administrators identify rogue access points within the network and also access points that are attempting to exploit customers by using a targeted SSID.