Dicar Networks Vulnerability Assessment


W H Y
Network security is a dynamic process, since new threats and vulnerabilities are uncovered every
day. Even though your software may be secure today, the intense pace of upgrades has the
potential to create new vulnerabilities on an ongoing basis.
According to CERT Coordination Center statistics, more than 300 vulnerabilities are reported every
month. A Vulnerability Assessment process discovers them, determines potential security risk, and
provides a recommended fix for each one.
W H A T
A Network Vulnerability Assessment consists of identifying any potential security breaches a hacker
could exploit, analyzing the discovered vulnerabilities, and providing a detailed explanation of the
recommended fix for each one.
Despite the fact that most security measures are put in place to protect the inside from a malicious
outside world, most intrusion attempts actually occur from within the network. A Vulnerability Assessment
provided by Dicar Networks is based on information gathered by two vulnerability scanners, one located inside
the network and the other outside the network.
Results of a Vulnerability Assessment are available in a two-level report. The Executive Report presents a high-level
overview of the number of vulnerabilities detected and their potential severity. A Detailed Report provides full
descriptions of each vulnerability detected and explains the recommended fix for each one. This report is very detailed
and provides an in-depth look at the issues that could impact the network.
The key features of the Assessment are:
> Automated scans of internal and external devices to detect potential problems.
> Customized scan schedules. The scanning process can be scheduled for times when the network is least busy.
> Full SSL support. Vulnerability scanner has the ability to scan SSL services such as https, smtps, & imaps.
> Smart service recognition. Scanner will recognize services moved to non-standard ports.
> Non-destructive scanning. To avoid the risk of bringing down services, a non-destructive mode is supported.
In non-destructive mode the scanner will not try to exploit real flaws but will rely on service banners.
> Complete reports including Executive Overview and Detailed Discovery. A Differential Report is also available
which will compare the previous scan to the current scan to see if changes have taken place.
W H E N
A Vulnerability Assessment should be performed periodically, every month or quarter. New vulnerabilities are being
uncovered every day, which creates the potential for new security breaches in yesterday's secure network. It is highly
possible that workstations can be compromised by a trojan horse program providing back-door access to the network
without the users' knowledge. Configuration changes or faulty upgrades can also introduce new security breaches.
Regular vulnerability testing can discover these breaches and help eliminate them from the network.