Network Security
If it is not secured, what is it?
Why A Network Vulnerability Assessment Really Matters
Does your company perform a regular network vulnerability assessment? If so, what is done with the information gathered? In my experience over the years, I have seen many companies run an assessment, get the report and just file it away, without ever really verifying the issues that were reported or making any real attempt at mitigating them. All this amounts to huge blunders, but only if you actually have a security breach. Network vulnerability assessments really do matter.
A proper assessment will give you tons of insight into the possible security holes in your network. Even if you perform an assessment and receive a passing report, you should ask yourself: passing by what standards? I urge you to take an honest look at the report. If you don’t understand what it all means, enlist the help of someone who does. Get in there and dig into the vulnerabilities found. Check over every open port and what services are running. Validate everything in the report! Once you understand everything found in the report, you’ll have an idea of what you can tighten up.
Go through and look at each port and service found in your vulnerability assessment’s report. Ask yourself what each one is for and do some research to see if you need it or not. If you don’t need it, lock it down. *Don’t just block it with firewall rules*; instead, shut down the service and prevent it from firing back up on startup. Even if there is no vulnerability for the service, if it’s not needed, shut it down. The reason I say this is that just because there is no vulnerability found today does not mean there won’t be a new exploit discovered sometime in the future. So turn off the service and you will be safer down the road.
After shutting down all the unneeded services, start concentrating on the ones that you do need. If a service can be limited in some way, to a certain part of your network or to certain clients, limit it with firewall rules. Look at all the vulnerabilities reported on those services and double-check them for patches. Repeat these steps over and over. The more you do it, the more familiar you’ll become with your network and with what to expect the next time you run an assessment. The whole process of running a network vulnerability assessment will get much easier as time goes on, and your network will only get more secure.
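The triage described above can be scripted so that every open port in a report lands in one of the three actions: disable, restrict, or check for patches. This is an added example, not part of the original post; it assumes the report is in Nmap's grepable (`-oG`) format, and the sample report, addresses and the `NEEDED` inventory are constructed for illustration.

```python
import re

# Constructed sample in Nmap grepable (-oG) format; hosts and ports are made up.
SAMPLE_REPORT = """\
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 443/open/tcp//https///
Host: 192.0.2.20 ()\tPorts: 22/open/tcp//ssh///, 111/open/tcp//rpcbind///, 3306/open/tcp//mysql///, 8080/closed/tcp//http-proxy///\tIgnored State: filtered (996)
"""

# Hypothetical inventory of services each host really needs.
# "restrict" = needed only by part of the network, so limit it with firewall rules.
NEEDED = {
    "192.0.2.10": {(22, "tcp"): "restrict", (443, "tcp"): "open"},
    "192.0.2.20": {(22, "tcp"): "restrict", (3306, "tcp"): "restrict"},
}

def parse_open_ports(report):
    """Yield (host, port, proto, service) for every open port in -oG output."""
    for line in report.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: (.*)", line)
        if not m:
            continue  # status lines and comments carry no port list
        host, ports = m.group(1), m.group(2).split("\t")[0]
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[1] == "open":
                yield host, int(fields[0]), fields[2], fields[4] or "unknown"

def triage(report, needed):
    """Sort each open port into the action the article recommends."""
    actions = {"disable": [], "restrict": [], "patch-check": []}
    for host, port, proto, service in parse_open_ports(report):
        finding = (host, port, proto, service)
        policy = needed.get(host, {}).get((port, proto))
        if policy is None:
            # Not in the inventory: stop the service and disable it at startup.
            actions["disable"].append(finding)
            continue
        if policy == "restrict":
            actions["restrict"].append(finding)  # limit reach with firewall rules
        actions["patch-check"].append(finding)   # every kept service gets a patch review
    return actions

if __name__ == "__main__":
    for action, findings in triage(SAMPLE_REPORT, NEEDED).items():
        for host, port, proto, service in findings:
            print(f"{action:12} {host}:{port}/{proto} ({service})")
```

Running the same script against each new assessment makes any port that appears under `disable` an immediate sign of drift from the inventory.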