Main menu

Network Security Workshop

Purpose

2020 Teknology Network Security workshop is a collaborative working session to identify achievable, prioritized recommendations finely tuned to your most pressing concerns, while considering your timeframe, budgetary constraints, and the need to maximize existing investments.

Process

We start by working with your team to define a customized Capabilities Model (CM) – a mapping of your relevant security policy and business requirements to the specific security controls and to the people, process, and technologies needed to achieve your goals. The CM assigns relative weights to each requirement, reflecting its importance to your overall IT risk program. Once defined, it is used as a framework to ensure buy-in from all stakeholders, focus information-gathering, and serve as the baseline reference for gap analysis and recommendations.

Deliverables

  • Capabilities Model
  • Security architecture gap analysis

Below is summary of follow-on deliverables that may result from workshop. 

  • Model Topology - Modeling the network topology is critical to assessing risk.
  • Construct Access Policy and Test Changes - This test is intended to construct a policy, within the zones and policies component, for a network segment with strict access controls based on your access control policy.
  • Traffic Risk Assessment - This test is intended to perform a series of “what if” scenarios to assess the viability of Traffic Risk Assessment function for use in the change management process.
  • Vulnerability Assessment and Prioritization - import vulnerability data and correlates it with the layer 3 device configurations. The assessment will reveal vulnerabilities and:
    • Provide a quantified risk score
    • Show which vulnerabilities can actually be exploited (standard assessment can't show that because it doesn't know the router/firewall access to different subnets)
    • View the actual access from and threats from any given subnet/asset on the network.
  • Correlate your vulnerability scan data into the indexed network segments. Identify the intersection between access and vulnerabilities and identify downstream attacks or multi hop attacks to prioritize remediation based on risk. Also can provide a penetration blueprint.
  • Device Validation – identify configuration based issues commonly encountered based on security best practices. Many of these best practices are based on NIST and are typically the cornerstone of a breach by providing unnecessary access or unsecured protocols.
  • Reports
    • Compliance Report – both internal and external compliance.
    • Vulnerability management, including: remediation priority, threat surface report, breakdowns of vulnerability risk and exposure over time.
    • Best practices report by device organized by highest risk.