Dicar Networks 97 East Brokaw Road Suite #230 San Jose, CA 95112 http://www.dicarnetworks.com/ THE DYNAMIC PROCESS OF NETWORK SECURITY by Vlad Sharoiko
Network security is a dynamic process because of new threats and vulnerabilities that are uncovered every day. Your software may be secure today, but intense pace of upgrades will continue to create openings for new issues to arise. According to statistics released by CERT Coordination Center, more than 300 vulnerabilities are reported every month. The process of discovering them, determining potential security risk, and recommending fixes is called a Vulnerability Assessment.
A Network Vulnerability Assessment can:
Identify any potential security breaches a hacker could exploit
Analyze discovered vulnerabilities existing in network
Provide a detailed explanation of recommended fix for each threat
Despite fact that most security measures are put in place to protect a network from malicious outside world, many intrusion attempts are now happening from inside organization. With proliferation of laptops and handhelds, possibility of an internal intrusion has greatly increased. For this reason, a complete assessment should be done with scanners located inside and outside network to determine if potential issues exist in either place.
In addition, reports generated should be structured for 2 levels of review. The Executive Report should represent a high level overview of number of vulnerabilities detected, while IT Department should receive a highly detailed report containing descriptions of each vulnerability and explanations of fixes recommended for each one.
The key features of a Vulnerability Assessment are:
Automated scanning of internal and external network devices Scan schedules customized to times of least activity on network Full SSL support to scan SSLized services such as https, smtps, & imaps Smart service recognition to detect services moved to non-standard ports Non-destructive scanning to avoid interruption of normal network activity Complete reporting designed for 2 levels of review
A Vulnerability Assessment should be performed on a monthly or quarterly basis, depending on network size and usage. New vulnerabilities are discovered every day, including ones that can provide back door access through desktops or laptops already connected to network. Even a configuration change or faulty upgrade can introduce an opportunity for breach that was not available a week ago. Testing and review on a regular basis can help discover potential issues and reduce possible damage that can be done to network, and in turn, productivity of organization.