416.235.0931 | 1.866.408.2737 | info@infinitynetwork.com

Security Assessment

You’ll never have to worry about viruses, identity thieves or web threats again.

Hacker and computer virus conceptToday, security threats are all around you. And with a new virus being detected every 6 seconds, it’s more important than ever to protect your productivity and reputation with security services from Infinity Network Solutions. Our portfolio of security services protects your computers wherever they’re connected – in the office, at home or on the road – with a solution that’s designed to fit your business. Our approach to security keeps your infrastructure safe and constantly updates your protection so you’ll never have to worry about viruses, identity thieves or web threats again.

Infinity consultants follow a proven methodology to conduct assessments that deliver optimal levels of business value. We focus on safeguarding your IT assets from a variety of threats by identifying network vulnerabilities on your systems, through a series of phases, with minimal disruption for your staff or to your productivity.

Security Audits

Our methodology for Security Assessments consists of several areas:

  • External network topology
  • Internal assessment
  • Physical security assessment
  • Microsoft Windows assessment
  • Unix environment assessment
  • Wireless security assessment
  • Firewall assessment
  • Weak authentication mechanisms
  • Server configuration assessment for e-mail, database and DNS servers
  • Web Server assessment
  • SNMP checks
  • Vulnerable FTP servers

Because the objective of a security assessment is to evaluate the controls over information technology that are in place, we incorporate a four-phased approached to our assessments that will identify your security goals, priorities and tolerance of risk. The four phases include: discovery, device profiling, vulnerability scanning and validation.

Discovery

The discovery phase consists of extensive information gathering that results in a detailed blueprint of your network and its security profile. This includes all active IP network ranges, domain names and their associated TCP, UDP, information about hosts, such as OS and applications, as well as other network services accessible from the internal network.

Device Profiling

The information from the discovery phase allows you to then profile the devices on your network and dynamically identify them and classify them by type. This allows for the provisioning of security policies for each type of device as it connects to your network and appropriately assign functional responsibility for each one.

Vulnerability Scanning

By using the information gathered in the earlier phases, Infinity will perform the task of an in-depth test to penetrate vulnerable areas and systems to develop strategic recommendations.

The analysis will include categories such as:

  • System Compromise
  • Unauthourized data access
  • Information disclosure
  • Command execution
  • Denial of service

Validation

Infinity partners with your business to optimize your security goals.

In the final phase of our assessment, our consultants will list all vulnerabilities and rank them by risk; low, medium and high and then for a nominal fee, attempt to exploit or validate this data and compare with the initial findings of the assessment.

If your business runs a virtual private network (VPN) to allow remote users to connect to the network, there is the risk that outside threats could use it as an entry point into your internal network.

Infinity Network Solutions helps you mitigate risk and avoid malicious attacks with a VPN Security Assessment. This service is part of the comprehensive portfolio of security services offered by Infinity Network Solutions.

Our consultants review the policy and procedures used to administer the VPN. We gather as much information as possible about the configuration and security of the target VPN server to establish if it’s possible to gain access to the network through the device. During the process, Infinity works with system and network administrators to obtain information, review the technical architecture of the VPN deployment and identify issues in any of these areas.

Methodology

Our VPN Security Assessment methodology consists of the following steps:

  • External and internal VPN vulnerability scan
  • VPN policy and procedure review
  • VPN architecture review
  • Interview with VPN administrator

Towards the end of the assessment, Infinity will list the discovered vulnerabilities and rank them from low to high. For a nominal fee, Infinity will perform a series of retests of these vulnerabilities within three months of the completion of your engagement. This enables you to compare and validate remediation efforts with the initial findings of the VPN security assessment.

For more information about security engagements from Infinity Network Solutions, please call us at: 416.235.0931