The primary goal of the checklist is to be a useful and trusted guide for IT Auditors and Security Consultants in Network Architecture Review assignments. The checklist is drawn from numerous resources referred to and my experience in network architecture reviews. Though the checklist doesn't essentially cover all elements of a network architecture review, I have tried to bring in aspects of the security element in a network architecture.
Network Architecture review in the context of Information Security helps to understand how to actually review the components of a network with respect to best practices.
This document describes how to review a Network Architecture in the context of Information Security. It helps to identify the starting point for reviewing the components of a network with respect to best practices. A Network Architecture Review is a review and analysis of relevant network artifacts (e.g. network diagrams, security requirements, technology inventory, DMZ).
Next Generation Network: Security and Architecture - ijsrd.com
Wireless sensor networks will be widely deployed in the near future. While much research has focused on making these networks feasible and useful, security has received little attention. Wireless Sensor Networks (WSN) are a most challenging and emerging technology for the Research due to their vital scope in the field coupled with their low processing power and associated low energy. As wireless sensor networks continue to grow, so does the need for effective security mechanisms. Because sensor networks may interact with sensitive data and/or operate in hostile unattended environments, it is imperative that these security concerns be addressed from the beginning of the system design. Starting with a brief overview of the sensor networks security, a review is made of and how to provide the security in the wireless sensor networks. This paper studies the security problems, Requirement, Architecture of WSN and different platform, characterized by severely constrained computational and energy resources, and an ad hoc operational environment.
Enterprise Security Architecture for Cyber Security - The Open Group SA
Cyber Security is one of the major challenges facing organisations within all industries. This presentation will examine the integration of an Enterprise Architecture approach with an Enterprise Security Architecture approach (TOGAF and SABSA) and propose a generic framework.
Download this presentation at http://opengroup.co.za/presentations
Patch management is critical to reducing your attack surface and keeping your endpoints and business running smoothly. Unfortunately, it's also a process that must be repeated weekly, monthly, quarterly, and whenever critical fixes have been identified for your environment. The good news is: with the right tools and some advance planning, this process can run smoothly and leave your IT team with more time to support core business goals.
Join us to learn about trends in patch management, including the latest ways Ivanti is helping Security and IT teams work together like a well-oiled machine.
What is a secure enterprise architecture roadmap? - Ulf Mattsson
Webcast title : What is a Secure Enterprise Architecture Roadmap?
Description : This session will cover the following topics:
* What is a Secure Enterprise Architecture roadmap (SEA)?
* Are there different Roadmaps for different industries?
* How does compliance fit in with a SEA?
* Does blockchain, GDPR, Cloud, and IoT conflict with compliance regulations complicating your SEA?
* How will quantum computing impact SEA roadmap?
Presenters : Juanita Koilpillai, Bob Flores, Mark Rasch, Ulf Mattsson, David Morris
Duration : 68 min
Date & Time : Sep 20 2018 8:00 am
Timezone : United States - New York
Webcast URL : https://www.brighttalk.com/webinar/what-is-a-secure-enterprise-architecture-roadmap
Problems:
- What Security Products Do We Really Need & Don’t?
- How do we Identify Gaps & Overlaps in Portfolio?
- How do we define our Security Products Strategy?
- What security products can be replaced or dropped?
- How do we understand & categorize security vendors using a standardized approach?
- How do we make the optimal use of my existing cybersecurity products portfolio?
Complete coverage of CISSP 7th Chapter - Security Operations. I have made sure to cover all topics from three books in this presentation. For corrections, clarifications, please feel free to reach me.
Summarize the design and build approach for SOC (Security Operation Center) for both end user company and service providers. Defines the approach flow for SOC building and various components and phases involved. Defines design thumb rules and parameters for SOC Design.
Building an effective Information Security Roadmap - Elliott Franklin
As company information security functions continue to grow each year with increasing attacks and regulations, how are you handling the pressure? Are you constantly battling to run the business projects and reacting to customer requests? Have you blocked off a few hours each week on your calendar to close your email, turn off your phone and try to build, assess and maintain an effective vision for your security team? This presentation will discuss a cascading approach to creating such a roadmap that is easily understood by executives and has helped gain quick buy-in for multiple enterprise wide security projects.
The Security Vulnerability Assessment Process & Best Practices - Kellep Charles
Conducting regular security assessments on the organizational network and computer systems has become a vital part of protecting information-computing assets. Security assessments are a proactive and offensive posture towards information security as compared to the traditional reactive and defensive stance normally implemented with the use of Access Control-Lists (ACLs) and firewalls.
To effectively conduct a security assessment so it is beneficial to an organization, a proven methodology must be followed so the assessors and assessees are on the same page.
This presentation will evaluate the benefits of credential scanning, scanning in a virtual environment, distributed scanning as well as vulnerability management.
The project title for this task force is “Cyber Security Maturity Model for Organizations”. Some of the key things that you are going to learn from this presentation are:
The user organizations will learn how to easily adapt a cyber security maturity assessment model based on the widely accepted frameworks such as NIST CSF and ISO27001:2013
The readers will learn about the core information security domains and how to plan for security activities around those core domains
The readers will learn how to prioritize the security budget and draw out the security control implementation roadmap for their organization
The readers will learn to apply a risk informed approach to information security for their organizations which can be used to educate about and sell security to their CEOs and board members.
ControlCase covers the following:
•What is PCI DSS?
•What does PCI DSS stand for?
•What is the purpose of PCI DSS?
•Who does PCI DSS apply to?
•What are the 12 requirements of PCI DSS?
•What are the 6 Principles of PCI DSS?
•What are the potential liabilities for not complying with PCI DSS?
•How can we achieve compliance in a cost effective manner?
Defining an IT Auditor,
IT Auditor Certifications & ISACA,
IT Audit Phases,
Preparing to be Audited,
How IT auditor audits an Applications,
Auditing technology for Information System.
Information technology is a complex business, at best. While IT can provide amazing benefits, it still requires vigilance and diligence to ensure it is running correctly and that it is secure. A security framework can be an excellent tool to evaluate what you might be missing and confirm that what you are already doing is spot-on correct. This session will discuss the importance of using security frameworks and walk attendees through the NIST Cyber Security Framework to review how the framework functions, how to use a framework, and most importantly, how the use of a framework can and will benefit their organization.
Control physical and logical access to assets, Manage identification and authentication of people and devices, Integrate identity as a service (e.g., cloud identity),
Integrate third-party identity services (e.g., on-premise), Implement and manage authorization mechanisms, Prevent or mitigate access control attacks, Manage the identity and access provisioning life cycle (e.g., provisioning, review)
Security Incident Log Review Checklist by Dr Anton Chuvakin and Lenny Zeltser - Anton Chuvakin
The log cheat sheet presents a checklist for reviewing critical system, network and security logs when responding to a security incident. It can also be used for routine periodic log review. It was authored by Dr. Anton Chuvakin and Lenny Zeltser.
The first portion of content presented as part of the IAInstitute's pre-conference workshop at the 2009 IA Summit in Memphis, TN. "Beyond Findability: Re-framing IA Strategy and Practice for Turbulent Times" http://iasummit.org/2009/program/pre-con/beyond-findability/
There were no "notes" for this one, so it doesn't have the long-format pdf, just the slides.
HOST AND NETWORK SECURITY by ThesisScientist.com - Prof Ansari
Network management means different things to different people. In some cases, it involves a solitary network consultant monitoring network activity with an outdated protocol analyzer. In other cases, network management involves a distributed database, auto polling of network devices, and high-end workstations generating real-time graphical views of network topology changes and traffic. In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.
In IT industry – You going to need a security certification
In the US Military or a government contractor- required in most cases
(DoD 8570.01-M) / State Department Skills Incentive Program
Short Video about Security +
Exam Objectives
Exam Content
Taking the exam
Practice Questions
Tips to Prepare
SDN Security: Two Sides of the Same Coin - Zivaro Inc
When it comes to Software Defined Networking (SDN) Security there are two sides of the story. This webinar addresses both sides – what security vulnerabilities exist in modern SDN technologies and how SDN technologies can create new security protections. Also included are use cases that SDN solutions can provide and the new applications of SDN that can secure modern enterprise and data center environments.
Presented by GTRI CTO, Scott Hogg, in a webinar on June 9, 2016. For more information, visit http://www.gtri.com/.
A COMBINATION OF THE INTRUSION DETECTION SYSTEM AND THE OPEN-SOURCE FIREWALL ... - IJCNCJournal
There are many security models for computer networks using a combination of Intrusion Detection System and Firewall proposed and deployed in practice. In this paper, we propose and implement a new model of the association between Intrusion Detection System and Firewall operations, which allows Intrusion Detection System to automatically update the firewall filtering rule table whenever it detects a weirdo intrusion. This helps protect the network from attacks from the Internet.
Network Architecture Review Checklist

Columns: Sr. No. | Review Area | Question/Control description | Suggested Verification step | Evidence/Artifacts

1. Review Area: Documentation
Question/Control description: Has the design of the network been formally documented?
Suggested Verification step:
1) Check if a documented network diagram exists.
2) Check that the design has been through a formal review and sign-off process and that it is now under change control.
Evidence/Artifacts:
1) Network Diagram
2) Version Control
3) Formal review & sign-off

2. Review Area: Documentation
Question/Control description: Have the security requirements of the organization been identified and incorporated in the design?
Suggested Verification step:
1) Determine if the requirements for the network have been formally documented.
2) Confirm that security requirements are addressed (e.g. confidentiality of network traffic, encryption).
3) Check if sizing and growth information have been incorporated in the design.
Evidence/Artifacts:
1) Network Design document
2) Network Capacity Planning document

3. Review Area: Firewall rule Change Management
Question/Control description: Is the implementation and change of traffic filtering rule sets subject to strict change management procedures?
Suggested Verification step:
1) Verify the firewall rules & respective approved change management requests/tickets.
2) Ensure all changes are formally documented and include at minimum the date of the change, the name of the person making the change and the reason.
Evidence/Artifacts:
1) Change management requests/tickets
2) Firewall change management procedure

4. Review Area: Firewall rule Review
Question/Control description: Periodic review of Firewall rules
Suggested Verification step:
1) Check if periodic review of firewall rules is carried out.
2) Check if unused/expired firewall rules are removed/disabled.
Evidence/Artifacts:
1) Firewall rule review
2) Firewall rules

5. Review Area: Intrusion Detection/Prevention
Question/Control description: Are Intrusion detection system sensors placed in the correct location to detect attempts to penetrate the network?
Suggested Verification step:
1) Check if IDS/IPS sensors are placed in a position to detect attempts to penetrate (e.g. before or after firewalls or all points of entry and exit in a network).
2) Check if the critical & sensitive systems are protected by IDS/IPS.
Evidence/Artifacts:
1) Network Diagram
2) Discussion with Network Admin/Architect

6. Review Area: Network Addressing
Question/Control description: Does the network addressing scheme that is specified in the design make the network scalable, optimal & manageable?
Suggested Verification step:
1) Are the network address ranges contiguous and do they facilitate a hierarchical approach to the network?
2) Do the private address ranges being used facilitate easy diagnosis of network problems?
3) Does it make the networks more difficult to extend?
Evidence/Artifacts:
1) Network Addressing Scheme
2) Router/Switch configuration
3) Discussion with Network Admin/Architect

7. Review Area: Network Design
Question/Control description: Does the design of the network incorporate coherent standards/regulations?
Suggested Verification step:
1) Check if the design of the network complies with relevant & applicable standards & regulations (e.g. RBI guidelines, PCI-DSS, Data Privacy).
Evidence/Artifacts:
1) Verify compliance against relevant applicable standards
2. 8 Network Design Is consistent naming standards included in the design
1)Check if the design incorporates consistent naming standard for the various
components in the network.
1) Veify for naming standards in the
design document
9 Network Filtering
Are network filtering devices configured to filter specific
types of traffic (eg IP address, port), block or restrict
particular types or sources of traffic, and limit the use of
communications that are prone
to abuse?
1) Check firewall rules are configured with default-deny stance
2) Check firewall rules for traffic filtering ports by IP address & ports and not
ANY ANY.
1)Firewall rules
10 Network Routing
Are the routing methods used in the design making the
network vulnerable to errors or latency?
1)Are both static and dynamic routing being used?
2)Review the routing table and verify that the route followed is optimal for
dynamic routing?
1)Router configuration
2)Routing table
11
Network
Segregation
Does the design of the network include distinct sub-
networks, protected by rule based traffic filtering?
1) Check if network is divided into sub-networks based on criticality
2) Check if the traffic between the sub-networks are protected by a network
filtering device (e,g firewall,core switch with FWSM).
1) Network diagram
2) Firewall rules/ACL's
12
Network
Segregation
Does the network make use of VLAN's?
1) Confirm if VLAN's are being used and check if networks are segregated
based on criticality.
1)Network Diagram
2)VLAN configuration
3)Core Switch configuration
13
Network
Segregation
Is Inter VLAN routing enabled?
1) Check if inter VLAN routing is enabled?
2) Review the Core Switch ACL's
1) Switch Configuration
2)VLAN config details
14 Network Segregation
Is appropriate segregation implemented between wired and wireless networks?
1) Check if the wired & wireless networks are segregated by a firewall.
1) Network diagram
2) Discussion with Network Admin/Architect
15 Network Segregation
Are public facing devices placed in a DMZ?
1) Are all public facing devices placed in a DMZ?
2) Are all public facing systems placed on different DMZs based on criticality
& functionality of the system?
1) Network diagram
2) Discussion with Network Admin/Architect
16 Perimeter Security
Are all entry/exit network points clearly identified in
the network design?
1) Confirm that all entry/exit points are clearly identified in the network
design.
2) Check that all entry/exit points serve a key business purpose.
3) Verify the security requirements for all entry/exit points
1) Network diagram
2) Discuss with the network admin the
purpose of each entry/exit point
3) Encryption, VPN, access control
filtering for each entry/exit point
17 Perimeter Security
Have mechanisms been implemented to control all traffic
that enters and leaves the network (eg through the use of
firewalls/UTM or screening routers)?
1) Check if all entry & exit points are protected by appropriate filtering using
firewalls, UTM or screening routers.
1) Network diagram
2) Firewall config
3) Discussion with Network Admin/Architect
3. 18 Third Party Connections
Have third party connections to the network been identified &
secured?
1) Have all third party connections been identified?
2) Ascertain if access is restricted to only certain parts of the network.
3) Verify if an appropriate level of encryption is implemented (i.e. VPN)
1) Network diagram
2) Firewall config
3) Discussion with Network Admin/Architect
19 Remote User Access
Remote user access protection
1)Request an explanation of how remote users are authenticated.
2)Check that all remote connections are logged.
3)Confirm that remote access logs are reviewed.
4)Confirm user access review is carried out regularly
1)VPN configuration
2)ACS/RSA configuration
3)Discussion with Network Admin
20 Unauthorized Connections
Regular audit of unauthorized connections
1)Establish if a variety of methods are employed to detect unauthorised
connections (eg manual audit, review of telecommunications supplier bills,
use of network discovery tools, war-dialling).
2)Determine how often checks are carried out.
3)Check that when external connections are no longer required, they are
removed promptly.
4) Check that regular wardriving exercises are carried out to locate rogue access points.
1)Network Security Policy
2)Discussion with Network Admin &
Information Security Team
21 Authentication, Authorization & Accounting
AAA systems are in place for network devices
1) Check TACACS or RADIUS is in place for network and security devices
1) TACACS/RADIUS/ACS configuration
22 Network Logging Ensure appropriate logging and review is carried out
1) Ensure all device events are logged and directed to syslog
2) Verify if log access review is carried out
3) Check the availability of log correlation tools and whether they are used effectively.
1) Discussion with Network Security Team
2) Check adherence to policy in terms of logging
23 Time Server All network & security devices are time synchronized
1) Check the availability of NTP server
2) Check if all devices get their time synchronized from this NTP server
1) NTP server configuration
4. 24 Network Resilience
To ensure that the network is supported by a robust &
reliable set of hardware & software
1) Have all single points of failure (SPOF) in the network been identified?
2) Request information on redundancy measures that have been employed (eg
multiple carriers, dual operations centres).
3) Confirm that all critical network devices can be reached via more than one
path.
4) Check that network protocols have been implemented that are capable of
re-routing traffic in the event of network failure (eg OSPF).
5) Check that resilience arrangements for communication links do not
ultimately depend upon common circuits (eg from a common carrier).
6) Check that arrangements to use alternative service providers are adequate
(eg by reviewing contractual documentation that exists).
1) BCP/DR documents for Networks
2) Susceptibility Analysis reports
3) Network diagram
4) Discussion with Network Admin
25 Network Resilience Network resilience arrangements are tested.
1) Ensure that the fall-back measures specified exist and have been tested to
ensure they work correctly.
2) Is there a programme of testing to ensure fall-back mechanisms operate
correctly? This testing should simulate, as far as possible, the live operational
conditions that will be required (eg similar volumes of traffic).
1) BCP/DR test reports
26 Network Resilience Preventive maintenance is carried out
1)Is preventive maintenance conducted on a regular basis?
2)Are proper records being kept of the equipment type, make, model and its
service history?
1) Preventive maintenance reports
2) Network asset register
3) Capacity planning documents
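For item 9 (Network Filtering), the two firewall checks can be run mechanically over an exported rule base. This is an added example, not part of the original checklist; the CSV column layout, the rule values and the function names are assumptions, and it assumes the export lists the final deny rule explicitly.

```python
import csv
import io

# Constructed sample rule export (not from a real device). Assumed columns:
# seq, action, source, destination, service; rules are evaluated top-down.
SAMPLE_RULES = """\
seq,action,source,destination,service
10,permit,10.10.20.0/24,10.10.30.15,tcp/443
20,permit,any,10.10.40.8,tcp/25
30,permit,10.10.50.0/24,any,any
40,permit,any,any,any
50,deny,any,any,any
"""

WILDCARDS = {"any", "all", "*", "0.0.0.0/0"}
FIELDS = ("source", "destination", "service")

def is_any(value):
    return value.strip().lower() in WILDCARDS

def load_rules(text):
    """Parse the export and return the rules in evaluation order."""
    rows = list(csv.DictReader(io.StringIO(text)))
    return sorted(rows, key=lambda r: int(r["seq"]))

def audit_rules(rules):
    """Item 9 checks: default-deny stance and no ANY ANY permits."""
    report = {"default_deny": False, "shadowed_by": None, "rule_findings": {}}
    # Check 1: the rule base must end with a deny that matches everything.
    if rules:
        last = rules[-1]
        report["default_deny"] = (last["action"].strip().lower() == "deny"
                                  and all(is_any(last[f]) for f in FIELDS))
    for rule in rules:
        if rule["action"].strip().lower() != "permit":
            continue
        src, dst, svc = (is_any(rule[f]) for f in FIELDS)
        # Check 2: permits should name specific addresses and ports.
        issues = [name for name, hit in
                  (("ANY_ANY", src and dst), ("ANY_SERVICE", svc)) if hit]
        if issues:
            report["rule_findings"][rule["seq"]] = issues
        # A permit matching all traffic makes the final deny unreachable.
        if src and dst and svc and report["shadowed_by"] is None:
            report["shadowed_by"] = rule["seq"]
    return report

if __name__ == "__main__":
    print(audit_rules(load_rules(SAMPLE_RULES)))
```

A rule base can end in a deny-all and still fail the default-deny check in practice, which is why the report carries `shadowed_by` separately from `default_deny`.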
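For item 24 (Network Resilience), checks 1 and 3 can be tested against the network diagram by failing each device and link in turn and confirming that every critical device still reaches an uplink. This is an added example, not part of the original checklist; the topology, device names and function names are constructed for illustration.

```python
from collections import deque

# Constructed topology: each pair is one physical link from the diagram.
LINKS = [
    ("isp-a", "edge-fw1"), ("isp-b", "edge-fw2"),
    ("edge-fw1", "core-sw1"), ("edge-fw2", "core-sw2"),
    ("core-sw1", "core-sw2"),
    ("core-sw1", "dist-sw1"), ("core-sw2", "dist-sw1"),
    ("dist-sw1", "db-srv"),
    ("core-sw1", "app-srv"), ("core-sw2", "app-srv"),
]
CRITICAL = ["db-srv", "app-srv"]
UPLINKS = {"isp-a", "isp-b"}

def build_graph(links, skip_node=None, skip_link=None):
    """Adjacency map with one device or one link taken out of service."""
    graph = {}
    for a, b in links:
        if skip_node in (a, b) or skip_link == (a, b):
            continue
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def reaches_uplink(graph, start, uplinks):
    """Breadth-first search from start until any uplink is found."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        if node in uplinks:
            return True
        for nxt in graph.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def single_points_of_failure(links, critical, uplinks):
    """For each critical device, list single failures that cut it off."""
    nodes = sorted({n for link in links for n in link})
    report = {}
    for device in critical:
        spofs = []
        for node in nodes:
            graph = build_graph(links, skip_node=node)
            if node != device and not reaches_uplink(graph, device, uplinks):
                spofs.append(("device", node))
        for link in links:
            graph = build_graph(links, skip_link=link)
            if not reaches_uplink(graph, device, uplinks):
                spofs.append(("link", link))
        report[device] = spofs
    return report

if __name__ == "__main__":
    print(single_points_of_failure(LINKS, CRITICAL, UPLINKS))
```

Restricting `uplinks` to a single carrier shows how check 5 (dependence on a common circuit) turns otherwise redundant devices into single points of failure.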
Disclaimer
All parts of this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise. While the author
& G4H have used their best efforts in preparing this work, they make no representation or warranties with respect to the accuracy or completeness of the content of this book. The advice and controls herein
may not be usable for your situation; you should consult a professional where appropriate. Neither G4H nor the author shall be liable for any loss of profit or any other commercial damages, including, but not
limited to, special, incidental, consequential or other damages.