Welcome to AAA Networks
Welcome to AAA NetworksA CTI Company
 
 


Basic Vulnerability Scan and Analysis
The Basic Vulnerability Scan and Analysis is for organizations that don't know the current vulnerability levels of their IT environment, or wish to review their exposure since the last scan. AAA Networks can complete a Vulnerability Analysis of your entire network, or just a select range of devices.
 
Security Assessment

Our standard Security Assessment focuses on the following areas:

Security Design Review
  • Physical Design
  • Logical Design
  • VPNs and other Communications Service
    •  
    Environment Equipment (Firewalls, IDS, Routers, Etc.) Review
  • Hardware Platforms
  • Operating Systems
  • Configurations
    		•
     

    Security Management Review
  • Policies, Procedures & Tools/Technology
  • Configuration & Change Management
    •  
    Vulnerability Scan and Assessment
  • Servers, Routers, Firewalls and sample of workstations and other devices
    •  
    ISO 17799 Corporate and Internet Vulnerability Assessment
    This Assessment is the baseline evaluation to determine a company's state of readiness and exposure to information security incidents from internal and external threats. The CIVA is a blended technical and non-technical evaluation conducted from a Secure Operations Center (SOC) and on the customer's site. The Internet Reconnaissance and External Vulnerability Assessment are conducted from the SOC and focus on external threats to the organization. The Risk Analysis, ISO Standard 17799 Review, and Internal Vulnerability Assessments are conducted at the customer site and focus on internal threats. This Assessment addresses the following:
  • Network probing and scanning
  • Locating vulnerabilities
  • Network Design Review
  • Scanning network resources and files
  • SNMP (Simple Network Management Protocol) enabled devices
  • Password Standards and Cracking
  • Host Server Security Review
  • Review of Virus Detector implementation and procedures
  • Risk Assessment
    •  
    Penetration Testing and War Dialing
    Also known as ethical hacking, penetration tests focus on systems and networks. Security experts test the desired point of network access for improper entry or access to information. In all cases, structured "rules of engagement" are defined in advance to ensure activities do not negatively affect operations, even as they test your ability to address attacks in progress.
  • War Dialing Assessment-Test for improperly configured modems that can lead to back doors.
  • Wireless Assessment-Test for improperly configured access points that can lead to back doors.
  • Internet Penetration Test-Test attempts to compromise internal target(s) from the Internet.
  • Public Information Reconnaissance-Record publicly available information that can be used to coordinate an attack.
    •  
    Security Benchmarking

    Benchmarking is an efficient and effective evaluation approach. The benchmarking approach involves developing a self-administered survey instrument, distributing the survey instrument to business organizations for completion, scoring the results, and finally analyzing the scores and providing feedback to the units. The survey instrument is based on a set of baseline controls. These are controls considered prudent, generally accepted, and in-place in all well-run organizations. For benchmarking purposes, the 300+ baseline controls are organized into 17 areas (such as policies and awareness, physical security, and workstation security). The benchmark process results in a specific score for each area.

    In addition to comparison with existing benchmark data, essentially a single valuation/comparison at one point in time, clients can use the benchmarking process to evaluate security over time. Specifically, each organization will conduct the benchmark survey on a periodic basis-probably yearly. In this way, each organization can evaluate its level of security relative to a benchmark of other organizations, to a benchmark of the baseline controls, to other client business organizations, and to a benchmark of how it has changed over time.

    Unlike any other measurement tool, we can simultaneously indicate results across several global standards and industry compliance laws (e.g. ISO 17799, HIPAA, GLBA) enabling project justification and program trending

     
    Network Assessments

    A Network Assessment focuses on the following areas:

    Network Design Review

  • Physical Design
  • Logical Design
    • Network Equipment Review
  • Hardware Platforms
  • Operating Systems
  • Configurations
    • Network Statistical Review
  • Usage Reporting
  • Utilization Reporting
    		•
    Network Management Review
  • Platforms and Capabilitie
    •  
    IT Benchmarking, Readiness & Roadmaps
    AAA Networks will provide IT Benchmark Assessments to help you understand where you stand vs. industry best practices and standards; Readiness Assessments to enable you to discover what steps you must undertake prior to taking on a new IT initiative such as IP Telephony or Exchange upgrade/migration; and optimization Roadmaps to help you plan and budget for your future endeavors in alignment with your Business Plan.
    For more information please contact managedservices@aaanetworks.net