External Network Vulnerabilities Assessment

image01

It is critically important that organizations take a holistic approach to information security. Network security is all about understanding weaknesses and taking the steps to secure those weaknesses.

Our Group provides your organization with a clear understanding of the risks present on your external network and with necessary awareness required to properly secure your organization's externally facing assets and help you move towards superior network security.

External Vulnerability Assessments are the backbone of our perimeter security offerings. Our security experts will run a series of tests to clearly define any vulnerabilities, identify possible threats that the vulnerabilities pose and provide detailed recommendations on how to fix any deficiencies. This provides realistic data and insights that can then be used to secure network equipment and defend against real-life attacks.

Our Group offers external vulnerability assessments that are designed to look at the environment from the public view, that is, from the outside looking in. This is one of the first lines of defense for security on most networks.

Process
Our Group's External Vulnerability Assessment service follows the basic process outlined below:

  1. Receive signed vulnerability testing waiver from the organization
  2. Perform passive reconnaissance of the organization's external systems and presence
  3. Determine live hosts
  4. Conduct port scans of all live hosts (all scans will come from a predefined number of external IP addresses during a time that is mutually agreeable)
  5. Conduct vulnerability assessment using vulnerability scanning tools
  6. Verify vulnerabilities using manual scanning and verification techniques to eliminate false positives
  7. Write report of all vulnerabilities including remediation steps
  8. Review report with internal staff

Items Reviewed
The following specific items are covered during the scope of an External Vulnerability Assessment:

  • Firewall Vulnerability Scanning - Our Group will conduct port scanning and vulnerability scans against all provided IP addressees to determine any potential problems.
  • Firewall / Router Configuration - If provided, Our Group will conduct a detailed analysis of the rule-set using industry best practice guidelines
  • Host Vulnerability Scanning - Our Group will scan all available hosts to determine if any vulnerabilities are present. Possible hosts include - VPNs, websites, DNS, etc.
  • War Dial - All the provided telephone numbers will be assessed to determine if rogue modems are available and answering

The External Vulnerability Assessment is typically done remotely and does not require an on site visit in most cases. After the testing has been completed, our Group will provide your organization with a custom formal report that:

  • Lists all identified weaknesses and vulnerabilities
  • Explains the risks associate with the current network configuration
  • Presents recommendations to increase the security of your external network

Using our Group Vulnerability Assessment Services, your IT staff can concentrate on maintaining a secure network without investing in expensive security tools and training, or devoting hours to scanning, testing, checking for false positive results, reporting, or maintaining expensive information security experts on staff.

For further information on our External Vulnerability Assessment service