Enhanced Security Assessment

The Enhanced Security Assessment Blueprint is designed for our more sophisticated clients and network environments. These clients may have needs for higher levels of IT security or specialized services. This level allows for the inclusion of added-value assessments, like SQL Server and MS Exchange, along with network diagraming and internal vulnerability detection. Unlike the Basic Security Assessment Blueprint, this blueprint does require an annual on-site visit.

FREQUENCY

DETECTIVE

DELIVERABLE

PURPOSE

  • INITIAL / ANNUAL

  • Network Security Inspector

  • Network & Security Risk Reports

  • Management Plans
    Full Detail Report

  • External Vulnerability Summary

  • Internal Vulnerability Summary

  • Layer 2/3 Diagram & Detail 

  • Establish a baseline assessment.

  • Refresh the baseline on annual basis.

  • Provides network documentation.

  • Enhanced security from identifying internal network vulnerabilities.

  • MONTHLY

  • Network Security SQL Server*

  • Baseline Management Plan
    Risk Reports
    (Change)

  • Management Plans (Change)

  • Full Detail Change Report

  • External Vulnerability Summary

  • SQL Server Health Reports

  • Show progress in issue remediation with Baseline reports.

  • Show new issues and re-prioritize with change reports.

  • Identify significant network changes that may affect monitoring and management.

  • QUARTERLY

  • Network Security Exchange* 

  • Network & Security PowerPoints

  • Quarterly Business Review Report

  • Exchange Risk/Detail Reports 

  • Interactive review of significant changes in a digestible fashion.

  • Identify new projects and initiatives.

  • Provide additional documentation for disaster recovery.

Required Tasks 

On an annual basis, an on-site visit with an Inspector appliance is required to perform the Internal Vulnerability and Layer 2/3 scan. All other scans (Monthly and Quarterly) can be performed remotely. 


Estimated Time 
Implementing the Enhanced Blueprint manually would take about the same time as the Basic Blueprint but will require additional six hours of time per year: two hours for the on-site visit to connect and remove the Inspector, four extra hours of time to scan and generate Exchange and SQL Server reports. Automation would also significantly reduce the time to implement the Enhanced Blueprint as well. 

 

 

Perform Scans 
Initial/Annual

1. Go on-site. 
2. Connect the Inspector appliance. 
3. From the Assessment tool application, setup the appliance to initiate an Internal Vulnerability scan, Layer 2/3 scan, Network Scan, and Local Push for Network and Security. 
4. Initiate an External Vulnerability scan from the Network Detective application.

Monthly/Quarterly

1. Remote onto a server or workstation in the client’s network. 
2. Download and run the Network/Security Data Collector to perform a Network Scan. 
3. Download and run the Network/Security Push Data Collector to run local data collection on the connected computers. 
4. Download and run SQL Server collection (monthly, if applicable). 
5. Download and run Exchange data collection (quarterly, if applicable). 
6. Initiate an External Vulnerability scan from the Network Detective application.

 

Report Review and Delivery 
Reports will be generated per the blueprint based on the frequency. The Initial/Annual and Quarterly reviews will be done interactively either in person or online. Monthly reports can be delivered electronically to our clients and reviewed as needed. On a monthly basis, our Iron Defence Security Consultant will review the set of generated reports, focusing mostly on the change reports, and looking for new issues in the Management Plans.