A network security analysis is an examination of the controls within an Information Technology (IT) infrastructure and consists of collecting and evaluating the specific details of an organization’s information systems and its operations. The evaluation of these details determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently so that the organization may best acheive its goals and objectives. A network security analysis may be performed in conjunction with a security policy review, regulatory compliance assessment or vulnerability assessment.
Risk Management
Since on-going risk management is essential for any financial institution, people, processes and technology must be continuously assessed to evaluate the risk thay pose: People can be evaluated by performing social engineering assessments or by receiving security awareness training; processes can be evaluated by reviewing security policies, regulatory compliance and vendor oversight; and technology can be evaluated by performing routine vulnerability assessments and an annual network security analysis, which is what we focus on here.
Jumbo Systems On-Site Network Security Analysis provides an in depth assessment and review of the internal network infrastructure, network resources and end points in order to evaluate the company’s methods of safeguarding assets (member information), maintaining data integrity, and optimizing the internal network performance so that the organization can best achieve its business objectives.
Jumbo Systems Network Specialists and Security Engineers analyze, document and report on selected components of the network to assess its overall health. A complete report detailing network strengths and weaknesses is then provided to the client. The report also includes customized recommendations to improve security, increase operational efficiency and maintain best business practices.
Scope of Service
Jumbo Systems engineers perform on-site assessments of the network infrastructure and configurations of key internal systems in order to gain insight into network integrity, performance and potential vulnerabilities from general concepts to particular device settings and configurations. The client’s network assessment will be broken down into three areas:
– All Servers in Server Farm – Domain Controllers, Terminal Servers, VMWare, E-mail Servers, Members Servers, etc.
Network Infrastructure and Internet Access
– All Connectivity / Devices – Firewalls, VPN Devices, DMZ’s, IDS/IPS Appliances, DLP Appliances, Routers, Switches, Wireless Access Points, etc.
Jumbo Systems will review network endpoints, resources and infrastructure as determined by the client, in order to evaluate network performance, security configurations and settings. Jumbo Systems will review network design and configurations, firmware (IOS) versions, OS patch levels, fault tolerance and local and remote access. Jumbo Systems will review any and all access to internal systems by third parties.
- Kiosk’s Terminals
- ATM’S, CDM’s
- Sample of Typical Printers
- Sample of Typical Workstations
- Domain Controllers
- Terminal (Citrix) Servers
- VMware, SQL Servers
- E-Mail Servers
- Content Filtering Servers, etc.
- Routers
- Switches
- Internet Connections
- Firewalls, DMZ
- IDS/IPS, DLP (Security Appliances)
- VPN Connections
- Remote Access
- Third Party Access
- Wireless Access
Comprehensive Report
Jumbo Systems Network Specialists and Security Engineers analyze, document and report findings on all devices reviewed; they will then correlate all collected data, documentation and findings to generate a comprehensive customized report.
Once completed, the customized report will be provided to the client. Each device reviewed will be given two ratings, one to address the device’s overall security posture, and a second to describe the devices overall network performance.
Jumbo Systems engineers will document any and all recommendations to improve the security and/or performance ratings for each device reviewed. These recommendations may include but are not limited to: hardware/software upgrades, device deployment strategies, configuration changes, firmware upgrades, software patches, administrative policy changes, new technologies or any combination of these.In this way, Jumbo Systems will guide the client towards achieving the best possible business practices relating to IT and security.
Upon delivery of the final report, Jumbo Systems will schedule a meeting with the client to review the report in its entirety, answer all questions and assist the client in taking the next step to address the findings and implementing the required modifications.