NETWORK SECURITY ASSESSMENT
A Network Security Assessment provides a review of the Network Infrastructure, including the architecture, configuration, and additional supporting evidence. The Health Check gives visibility of the IT and digital infrastructure within your business and helps you detect the causes of poor performance and potential threats to your LAN, as well as highlighting any potential gaps.
Benefits Of A Network Security Assessment
The Network security check provides:
- Confidence that Network Security best practice is being applied.
- Identification of potential issues within your environment.
- Help to drive improved efficiency using design and automation.
- Provides evidence to be used with various compliance standards.
A regular Network Security health check serves as a risk assessment, and will identify feature sets that are licenced but not fully utilised, potential security or resilience issues within the overall architecture and can also provide general advice on how to improve efficiency through techniques such as standard design and/or automation. All this will reduce the risk of disruption to the network infrastructure.
As well as best practice this can also provide evidence to be used in conjunction with various compliance standards such as PCI-DSS.
Does Your Organisation Need A Network Security Check?
Not having resilience and stability within the Network Infrastructure of an organisation is a problematic factor as this could mean complaints from customers, the loss of revenue and a reduction in productivity. Often getting forgotten about, the Network can fall down the priority list when it comes to upgrades, monitoring capability and availability.
Many organisations experience dynamic growth, as the business evolves it is important that the network evolves at the same pace. The Health of the network should be reviewed on a regular basis and not doing so can increase business risk, impacting the users and applications that rely on the network.
Networks are typically designed with the following basic’s in mind:
More About Our Network Security Assessments
A Network Security Health Check will identify any critical infrastructure issues, providing detailed recommendations for improvement and covering
- The gathering of information: Our Network Security consultant will spend time on site or remotely gathering information and then review and write up the information gathered.
- A review of the wider infrastructure: Our consultant will then review the wider infrastructure and identify any areas that are not in line with best practises. We will be taking a holistic approach and looking at a wide range of network devices such as, switches, firewalls and load balancers, reviewing your network architecture and security posture.
- Analytics of more vulnerable devices: We will identify and target the potentially more vulnerable devices and analyse these separately using an automated health checking tool.
- Firewall Rule set: As part of this engagement, we will look at the firewall rule set and establish if the rules are well maintained or not, making some high-level recommendations.
- Report: A report will be produced identifying any high impact critical concerns. A summary of quick win resolutions will also be provided. Finally, the report will detail any additional observations made during the audit.
Why LRQA Nettitude
LRQA Nettitude have developed our Network Security health check based on many years of experience working alongside our customers and listening to what they have to say. Whilst every customer may have a slightly different requirement, fundamentally, the goal is the same – “what is the health of my network and how can I improve it?”
To achieve this, we work with you to review your network architecture, configuration and additional supporting evidence. This will be reviewed against LRQA Nettitude, manufacturer and industry best practice and advice.
LRQA Nettitude’s Network Security Consultants are experienced in working with a number of different Security and Networking vendors and have completed high-profile projects involving Network Design and Configuration. Continually looking to improve our services and keep on top of the ever-changing cybersecurity Landscape, our team of highly skilled consultants maintain industry leading accreditations and vendor certifications that are updated on a regular basis for performing network security vulnerability assessments of the highest standard.
Working closely with the vendors, we keep up to date with all new feature releases and emerging technology on behalf of our customers, to enable us to give useful insight into emerging or maturing technology or products in the constantly evolving security market, to help build your department’s road map.
1. Does this mean a consultant has to visit our premises?
a. No – this engagement can be performed remotely using appropriate collaboration tools
2. How long will it take?
a. We scope our engagements on an individual basis. Typically environments with around 1,000 users may be a 3-day engagement.
3. What is the output?
a. We provide a report detailing all the network assets, their software versions and a configuration review, if necessary highlighting next steps for remediation of any issues found.
4. Can you do deep dive configuration checks on complex devices?
a. Yes, for example we can do deep dive configuration checks on Check Point, Palo Alto and Cisco Firewalls and IDS/IPS.
5. Will the consultant be certified in the technology that I have?
a. Yes, our consultants are fully certified in the technologies that we support.
6. Is there any risk of an outage during this engagement?
a. No, our tools are entirely passive, however we understand that there may be particularly sensitive networks (such as Industrial Control Systems), we will work with you to establish what we can and can’t do on these networks.
7. Our networks are managed by a third party, can you assess these?
a. Yes, as long as you ensure permission and access from or through the third party we can assess these, however it is unlikely that we will be given access to shared platforms, such as a shared hosted Firewall service.