INFRASTRUCTURE
Inspect Hardware Infrastructure For Weakness
Computers communicate by opening ports for services. Anytime a port is open, it creates a vulnerability. Sometimes these ports remain open for no reason creating a vulnerable area for intrusion. We make sure every port open is serving its proper use and close those that don’t need to be open.
Why do you need a Firewall?
A Firewall is the first line of defense and requires careful inspection. We use a Next-Generation firewall. Next-Gen firewalls auto-update when vulnerabilities occur; our Next Generation firewall is patched to prevent compromise. Next-Generation Firewalls use Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). IDS and IPS are services that inspect deep into internet traffic looking for malicious activity.
Significant vulnerabilities are being found around old firewalls, and attackers exploit this major vulnerability to violate networks. Attackers can easily search any public IP and gather information about your firewall, including what version is being used and the patch level. So keeping the firewall updated is critical in defending against attacks.
Comparison of the latest firewall and switches against your current ones is a critical step in keeping your network protected. Whether your company chooses our Next-Generation Firewall or chooses to stay with what you have, we will manage it and keep it updated. Commonly there are fees assessed to maintain the license for firewalls; these are for updates this cost will need to be paid yearly.
What exactly is DNS?
To access sites on the internet, computers use Domain Name Servers (DNS) to translate addresses into numbers. This is another area of vulnerability for intruders to violate your network. They often send traffic to malicious sites. To make sure you don’t become a victim of such tactics, our Next-Generation Firewall will filter the websites visited to keep you from going to goo1e.com instead of google.com.
We use a Next-Gen firewall that will secure the DNS to prevent hijacking and the machine from being sent to malicious websites. It also has the ability to prevent computers on your network from going to sites not needed for business operations, sites such as gun sites, porn sites, or any other unwanted sites.
Is LAN segmentation important?
Local Area Networks (LAN) are also critical; if a machine can be seen on the LAN, it can be hacked. In most cases, that’s fine, but is that so for the HR Department or Upper Management? It is essential for security reasons to look to see if your company would benefit from LAN segmentation. It is critical to have a guest network to allow access to the internet for outsiders or visitors. This reduces the chances of them accidentally creating an area of intrusion; if you don’t have a guest network, we can create one.
It’s vital that only machines needing to see each other can do so. Inside your business, you have different departments. Most businesses have Human Resources, Sales, and Accounting. Each department and its machines can be put on its own LAN segment. Keeping the Accounting Department from being able to see the Human Resource Department. The segmentation allows for each department and machine only to see the machines within that segment. In the event the HR Department is hacked, the Accounting Department can remain uncompromised.