Unlike an assessment which involves ‘packets on the wire’ this review takes an insider’s view, with full administrative access to the system’s configuration.

SECURITY SOLUTION CONFIGURATION REVIEW

 

A Security Solution Configuration Review is a rapid, on-site configuration review of a security solution and could apply to any device that a client may have deployed to improve their security posture. This includes:

  • NAC technologies
  • Intrusion detection/prevention systems
  • Malware detection solutions
  • VPNs
  • Authentication technologies
  • Web filtering solutions
  • Cryptosystems
  • Infrastructure devices (e.g. wireless access points, switches and routers)

PURPOSE

 

The purpose of the review is to verify the operating condition of a security solution and effectiveness of its security configuration. Clients utilize this service as part of the security verification process to identify abnormalities or gaps in their security controls. Depending on the device type the review will include the following checks:

  • Software or hardware version, including service packs with verification of any security vulnerabilities or software bugs present in this release
  • Operating system version, including service packs with verification of any security vulnerabilities or software bugs present in this release
  • Physical security review of the solution such as location and access control to the actual devices
  • Hardware review, including memory, network interface cards, system utilization and load
  • Services supported by the solution such as authentication, VPN, content verification and others
  • Verification that the security solution is configured and functioning to the Client’s intent
  • A review of the logging and alerting mechanisms on the security solution
  • Review user and administrator accounts set up on the solution and the underlying operating system
  • Vendor licensing review

FINAL REPORT

 

At the conclusion of the review, a report will be prepared and reviewed to:

  • Outline the overall solution and the effectiveness of its control
  • Detail any potential vulnerabilities in a device policy configuration or software version
  • Detail any potential security issues resulting in the device’s placement on the network
  • Review traffic and system audit logs for potential configuration or hardware related issues
  • Provide security recommendations for enhancement of the overall device configuration and improvement of security protection provided by the firewall
Contact CipherTechs

Your Name (required)

Your Email (required)

Subject

Your Message

×
Join our team!

Your Name (required)

Your Email (required)

Subject

Your Message

Upload Resume

×
Contact CipherTechs

Your Name (required)

Your Email (required)

Subject

Your Message

×
Share This