LAN / WAN Audit / Network Upgrade Audit

NASDA network audits provide easy to understand documentation of your network infrastructure. This enables you to pinpoint weaknesses in your infrastructure and enables you to successfully plan for future changes. It is extremely important to have a complete network infrastructure document for your network. Without a network infrastructure document it is very difficult to manage future changes and to pinpoint troubleshooting.

A network infrastructure document details every aspect of your LAN and WAN. It includes items such as:

Router configurations. Interface configurations, VPN configurations, Link bandwidths, Security permissions etc.
Firewall configurations. Interface configurations, Security policy's etc.
Server configurations. IP Addresses, DNS, WINS, Shares, Permissions, Backup procedures, Dial Backups etc.
Desktop configurations. IP Addresses, DNS, WINS, Shares, Permissions, User accounts etc.

Wireless Network Audit

NASDA primarily audits wireless networks for security weaknesses. Misconfigured wireless access points can completely open up your network to the outside world, from which your local network could be used to exploit vulnerabilities on internal hosts.

We fully document wireless access points for known vulnerabilities. We scan for misconfigured or non existent encryption, MAC address protection and latest firmware updates/vulnerability.

We also have the ability to scan your network for rogue access points intentionally configured to provide insecure access to your network.

External Network Vulnerability Testing:

NASDA provides an external vulnerability service to test your internet facing machines / devices for misconfigurations and known vulnerabilities. It is extremely important to understand your weaknesses from an external viewpoint. If your network has not been locked down professionally you are most likely at a security risk. Most servers / hardware products do not come pre-configured to protect your network.

Initially we run external port scans against your internet facing machines / devices to determine what services you currently have open to the internet. We use two products to do this. Nmap and Scanline. Two of the internet's most trusted port scanners.

Once we have established the services you are running we run 4200 vulnerability tests against your machines / devices for known vulnerabilities. We scan for vulnerabilities with the internet's most trusted vulnerability scripts. The NESSUS scripts. The NESSUS scripts are a continually updated database of vulnerability tests that determine whether or not services you are providing have known vulnerabilities.

Once we have established any vulnerabilities on your machines / devices we take the appropriate steps to rectify these vulnerabilities.

For more information on the NESSUS scripts please click here.

Internal Network Vulnerability Testing:

NASDA provides an internal vulnerability service to test your internal desktop and server machines for misconfigurations and known vulnerabilities.

We use a number of tools to scan for vulnerabilities and misconfigurations. As with the external scanning methods, we also use Nmap and Scanline to scan for open ports on your internal machines. We analyse the results for rogue services like trojans, hacking tools and unintentionally open services. To scan for known vulnerabilities we use GFI's LANguard Network Security Scanner to scan your LAN.

GFI LANguard Network Security Scanner (N.S.S.) checks your network for all potential methods that a hacker might use to attack it. By analysing the operating system and the applications running on your network, GFI LANguard N.S.S. identifies possible security holes.

For more information on GFI LANguard Network Security Scanner please click here.