Security Analysis

BroadSource offers complete security analysis and documentation services.

Analysis

Upon approval, we will gain the information required to create a complete discovery document. The analysis of the network will be non-intrusive and will not cause or require any downtime on any network resource.

BroadSource will:

  • Run non-intrusive network management tools on the network to find information on network devices.
  • Run non-intrusive security tools to find information on well-known security weaknesses of devices on the network. These tools will include but are not limited to, Microsoft Tools, and other open source and proprietary network scanners.
  • Determine Technical risk factors, including Internet, dial-up access, and 3rd party vulnerability study.
  • Review current physical structure
  • Review existing internet usage policies
  • Review existing administrative policies, and employee layoff response procedures
  • Analyze existing perimeter defense mechanisms
  • Analyze existing Network Disaster Recovery plan

Documentation

The Documentation phase of the Security Analysis allows BroadSource to take the information gained in the Analysis phase and compile it into a detailed document. The document created from the Security Discovery process will include information that you can use to make strategic decisions when determining your network’s future security direction. A comprehensive documentation strategy ensures proper planning and implementation within your corporate network.

BroadSource will:

  • Create a diagram of the logical security layout of the network.
  • Document detailed information on key servers on the network, including:
  • Hardware specifications
  • Network Operating System HCL (Hardware Compatibility List) specifications
  • Operating system version & patch levels
  • Applications and services on the servers

Document detailed information on network devices (routers, switches, firewall, and the like) on the network, including:

  • Hardware specifications
  • Operating system version & patch levels
  • Services
  • Configuration
  • Create a detailed report, including a vulnerability matrix.
  • Develop a set of recommendations for the future strategy of the client network.

These recommendations may include specific proposals for the following:

  • Server operating system upgrades
  • Recommendations regarding the licensing of existing products
  • Network or server performance enhancements
  • Security process recommendations
  • Other new services that may enhance the network