Upload File

network-security-audit

1
80 Broad Street, 5th Floor New York, NY 10004 www.2secure.biz [email protected] Tel: 646-666-9601 Fax: 718-942-5355 Date: 10/13/2014 Case Study: NETWORK SECURITY AUDIT Preface: A Network Security Audit evaluates network devices for security settings and recommends changes to en- hance resilience and compliance. The Case: A Law Firm headquartered in New-York City with more than 10 worldwide branch locations, was looking to perform a Network Security Audit on its infrastructure. This audit followed 3 main phases: Discovery: Documenting devices with their Location, Model #, serial, MAC and management IP Network Diagrams: Create global and location based diagrams. Assessment: Management Access Best Practices TACACS+ (highlight omissions) SNMPv3 (highlight omissions) Privilege levels (highlight omissions) Line, console, VTY access AAA functionality correct and operational Support for SSHv2, no Telnet Use of HTTPS and disable HTTP (if applicable) Assessment: Device Hardening Best Practices Secure routing practices Disable unused services and ports Device plane hardening techniques Infrastructure ACLs Layer-2 security Performance Recommendations Assessment: Network Policy Review Validate current device OS software against known PSIRT advisories Adherence with industry and regulatory requirements The above process was fully documented with a report that both Managers and Engineers understood. In Conclusion: Our experts delivered greater security, visibility and control over infrastructure while saving money. About 2Secure Corp 2Secure is a Cyber Security firm that takes a PROACTIVE approach to solving network problems. We provide the right tools to fix problems the first time around – in fact, we guarantee it!

Upload: yigal-behar

Post on 16-Jul-2015

27 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Network-Security-Audit

80 Broad Street, 5th Floor New York, NY 10004 www.2secure.biz [email protected] Tel: 646-666-9601 Fax: 718-942-5355

Date: 10/13/2014 Case Study: NETWORK SECURITY AUDIT

Preface: A Network Security Audit evaluates network devices for security settings and recommends changes to en-hance resilience and compliance. The Case: A Law Firm headquartered in New-York City with more than 10 worldwide branch locations, was looking to perform a Network Security Audit on its infrastructure. This audit followed 3 main phases: Discovery: Documenting devices with their Location, Model #, serial, MAC and management IP Network Diagrams: Create global and location based diagrams. Assessment: Management Access Best Practices TACACS+ (highlight omissions) SNMPv3 (highlight omissions) Privilege levels (highlight omissions) Line, console, VTY access AAA functionality correct and operational Support for SSHv2, no Telnet Use of HTTPS and disable HTTP (if applicable) Assessment: Device Hardening Best Practices Secure routing practices Disable unused services and ports Device plane hardening techniques Infrastructure ACLs Layer-2 security Performance Recommendations Assessment: Network Policy Review Validate current device OS software against known PSIRT advisories Adherence with industry and regulatory requirements The above process was fully documented with a report that both Managers and Engineers understood. In Conclusion: Our experts delivered greater security, visibility and control over infrastructure while saving money. About 2Secure Corp 2Secure is a Cyber Security firm that takes a PROACTIVE approach to solving network problems. We provide the right tools to fix problems the first time around – in fact, we guarantee it!

Audit of NRC’s Network Security Operations Centermsnbcmedia.msn.com/.../NEWS/AJDocs/160112-nrc-cybersecurity-IG.… · Audit of NRC’s Network Security Operations Center. OIG-16-A-07

Systems Security & Audit Operating Systems security

AT THE CORE OF THE FORTINET SECURITY FABRIC · common network security concepts. NSE 2 Security Associate ... Security Audit Services SALES ... Fortinet’s Network Security Expert

Security Audit Certificate - eWON · Audit process: OSSTMM & OWASP ... communication channel Test type: Double gray box Security Audit Certificate Audit modules: ... (Security Test

North Dakota 2016 IT Security Audit Vulnerability ... appendices/17_5153... · North Dakota 2016 IT Security Audit Vulnerability Assessment & Penetration Test ... network security

MOBILE NETWORK SECURITY AUDIT - LATRO Services

REQUEST FOR PROPOSALS ON SECURITY AUDIT SERVICE 2020 · Request for Proposals on Security Audit Service 2020 Page 5 Server and Network Security Audit (a) The Contractor is required

Audit of NRC’s Network Security Operations Center · Audit of NRC’s Network Security Operations Center 5 “shall staff and operate a facility to proactively monitor, avoid, report,

REQUEST FOR PROPOSALS (RFP) No. 120 NETWORK SECURITY AUDIT

GDSN Security Audit Requirements - GS1 Security Audit... · 2015-09-08 · This security audit requirements document is intended to examine the breadth and depth of a security audit,

Shield Network Full Smart Contract Security Audit

Security Audit and Security Tools

Risk based audit program - Audit-network Based Audit... · Federal Agency for the Security of the Food Chain Audit program 1 Risk based audit program ... Audit universe 40 sectors

SECURITY OF THE LOCAL AREA NETWORK Table … on the follow-up audit of physical security of the local area network table of contents page executive digest ..... 1

MOBILE NETWORK SECURITY AUDIT - LATRO Services Security Audit Sa… · Through LATRO’s Mobile Network Security Audit (MNSA), a process of non-intrusive auditing, most of which is

community.mis.temple.edu · Web viewIS Architecture (continuous) and Network Audit Network Overview Network Security and Administration Overview Audit Network CISA Quiz #3 CISA Review

12/3/08CSC309 Miller1 Ch7 Computer Crime. 9/28/08CSC309 Miller2 Good Security Web Site The SANS (SysAdmin, Audit, Network, Security)

Information Technology Information and Systems Security ...• Initial audit of a Client’s network infrastructure through review of documents, configurations, network diagrams and

Garrison SAVI - between physical and virtual isolation€¦ · Garrison Isolation Appliance Lower security network High security network Risky content and services Audit & protective

3 THINGS TO HELP PASS YOUR NEXT NETWORK SECURITY AUDIT · Passing your network security audit is important for all parties involved with your business. WHAT TO DO Passing a network

Network Audit

The Role of Data Authentication and Security in the Audit ... · The Role of Data Authentication and Security in the Audit of Financial Statements ... data centre and network

THE UNIVERSAL SECURITY AUDIT PROGRAMME … · the universal security audit programme the universal security audit programme 1 (usap)

Security Audit Ppt

Process Control Network Security · 2015. 9. 17. · (SysAdmin, Audit, Network, Security) institute in cooperation with the Department of Homeland Security of the United States. Together

Denver Network Security Management Audit Report - Phase 1 FINAL 03-12-12

SECURITY SUITE · 2016. 3. 27. · control security, network security, fax security, document security, and audit trail security. We are proud of our long history of accomplishments

Telecoms Network Security Auditbackoffice.wedotechnologies.com/media/flyers/Telecoms Network... · Telecoms Network Security Audit ... The report was delivered on time and I found

HIPAA Privacy, Security, Breach, and Meaningful Use · contain, and correct security violations, • Train all staff, • Monitor and audit your network, Security To Do • Prepare

Audit of Network Security By - Florida Department of

Security Audit Guide

MikroTik Security Audit & Network Security and how your system works 4. What is Firewall? •In computing, a firewall is a network security ... Next to MikroTik Hotspot Security

Security audit

Security Audit Pm

REQUEST FOR PROPOSALS (RFP) NO. 161 Network Security Audit