LOCKNET IT Solutions

Network Security Assessment

Network Security Testing Helps Keep Your Network Secure

A Network Vulnerability Assessment is a study to locate security vulnerabilities. Network Security Testing may be focused on the security process or the information system. It may also focus on different aspects of the information system, such as one or more hosts or networks.

Network Vulnerability Assessments identify areas for improvement for security threats and malicious attacks from outside sources, and identifies corrective actions. This is the first step in completing a Network Security Audit.

Network Security Testing Simulates Attacks

Network Security Testing, which includes a Network Penetration Test, subjects a system to the real-world attacks selected and conducted by the testing personnel. The benefit of a Network Penetration Test is that it identifies the full extent to which a system can be compromised before the attack is identified, and assesses the response mechanism’s effectiveness. Network Penetration Tests generally are not a comprehensive test of the system’s security, and should be combined with other independent diagnostic tests to validate the effectiveness of the security process.

Physical Security Assessments Identify Building Risks

A Physical Security Assessment is a comprehensive evaluation of the non-technical part of information security. This includes a thorough inspection of the building and work areas to identify physical security risks.

Social Engineering Testing Identifies Customer Communication Risks

Social Engineering is another form of Network Security Testing. It involves the art of gaining information from people by appearing authorized or authoritative to employees to gain physical access to computer systems and other confidential information. Obtaining information may happen either in person or over the phone, and typically involves information requests from employees to see what can be revealed, especially when employees are not following company procedures or providing confidential information to people outside the institution.

back to top

Penetration Testing

• Identifies Open Ports and Resources that are exposed externally
• Identify the extent to which an external network can be compromised
• Assess the effectiveness of external Security Controls
• Customized Reporting

Test Your Perimeter Security

A Penetration Test subjects your external network to real-world attacks and is conducted remotely by security testing personnel. A Penetration Test begins with a comprehensive analysis of publicly available information about the target. Next is a network enumeration phase, where target hosts are identified and analyzed. The behavior of security devices, such as screening routers and firewalls, are analyzed. Vulnerabilities within the target hosts are then identified, verified and the implications assessed. LOCKNET verifies that existing external security measures are working properly and identifies the threats facing your organization’s information assets to quantify your information risk.

Penetration Testing Key Features:

• A formal process, which includes the following phases:
  • External information gathering of the network
  • Attack and penetration of the network
  • Local (internal) information gathering
• Attempt at privilege escalation
• Report generation
• Identifies open ports and resources that are exposed to determine if your security investments are actually detecting and preventing attacks
• Customized reporting, with limited false positives, delivered in protected PDF format that can be shared with auditors and other parts of the organization

PENETRATION TESTING OF YOUR NETWORK PERIMETER IS RECOMMENDED AT LEAST ONCE PER YEAR AND AFTER ANY MAJOR RECONFIGURATION OR EXPANSION OF THE NETWORK.

back to top

Vulnerability Assessment

• Identifies vulnerabilities and configuration issues
• Identify the extent to which an internal network can be compromised
• Assess the effectiveness of internal Security Controls
• Customized Reporting

Test Your Internal Network Security

A Vulnerability Assessment is a study to locate vulnerabilities or potential vulnerabilities within your internal network. It differs from a Penetration Test in that the security testing personnel are given full access to the internal network being tested. A Vulnerability Assessment evaluates the current status of your internal network security by analyzing all aspects of your internal network (i.e. IP addresses, servers, network devices and PCs) and then identifying corrective measures.

Vulnerability Assessment Key Features:

• Identifies security vulnerabilities and classifies them as High, Medium, or Low
• Identifies missing patches and service packs
• Identifies important devices (USB, wireless, etc.)
• Identifies open ports and services utilizing those ports
• Identifies open shares
• Identifies users
• Identifies device properties
• Identifies non-updated security software
• Customized reporting delivered in protected PDF format that can be shared with auditors and other parts of the organization

A VULNERABILITY ASSESSMENT OF YOUR INTERNAL NETWORK SHOULD BE PERFORMED AT LEAST QUARTERLY AND AFTER ANY MAJOR CHANGES TO THE NETWORK INFRASTRUCTURE.

Back to Managed Services