A deep dive into your network from the inside out.

Obtain an accurate understanding of your technical security and risk posture, while ensuring compliance with industry regulators and information security best practices. A network assessment provides an overview of the current network. It includes an examination of the infrastructure, performance, availability, management and security.

Our Network Assessment services include:

Comprehensive Security Assessment

A bundled service offering that combines the full scope of our Internet security services, including a comprehensive risk assessment, internal and external vulnerability assessments, application review and any corrective action necessitated by our findings.

Internal Vulnerability Assessments

A comprehensive security audit service for a variety of IT system resources. Audit includes application services, network systems and LAN infrastructure, network operating system (NOS), directory and user-level authentication services, desktop environments, and overall internal security strategies.

Risk Assessment

Whether you’re concerned about information, applications, networks, infrastructure, or  overall architecture; insider threats or external hackers; audit findings or gut feelings, our  highly trained and experienced consultants can conduct risk assessments of varying size and scope, and dealing with broad or narrow issues.  If you choose, Towerwall can also work with you to mitigate your security risks.

VoIP Assessment

Do you know if your VoIP phones and servers are segmented from the rest of your network? Even if they are, segmentation alone may not protect your voice assets. Towerwall, has developed an approach that is highly effective in testing the security of VoIP (Voice over IP) systems. This program includes controlled tests in which we will assess several vulnerabilities in VoIP systems and networks. Our methodology includes performing validation and testing to ensure that only “valid” vulnerabilities are reported. The following list outlines some of our objectives when attempting to perform a VoIP penetration test:

  • Hi-jacking phone calls
  • Recording and replaying voice calls
  • Voicemail tampering
  • Phone registration hi-jacking
  • Caller ID spoofing
  • Sound insertion
  • Access to phone administrative capabilities
  • Attacking systems within the voice VLANS to gain access to the internal network
  • Attacking VoIP client phones

Security Architect Review

During a security architecture review, interviews with key stakeholders responsible for administrative, operational or technological aspects of an organization’s internal information security program are conducted. The primary focus is on architecture components, but includes a high-level ISO 27002 review to ensure all aspects of information security are addressed in the context of a relevant framework. The framework is necessary to assure architectural recommendations address shortfalls within the overall information security program.

Firewall Security Reviews

Firewall security reviews are important because they identify vulnerabilities that cannot normally be detected through network penetration tests and black box network assessments.

Active Directory Reviews

Active Directory reviews are critical because of the role Active Directory plays in an environment and because the review allows us to identify vulnerabilities that cannot be detected through network testing.

External Vulnerability Assessments

We offer automated Internet security scanning services that test your network’s ability to thwart cyberthreats and prevent sophisticated intruders from defeating perimeter defenses. Using several proven Internet-based tools, this service is a cost-effective way to expose potential vulnerabilities.

Network Architecture Reviews

A network architecture review will evaluate the function, placement, and gaps of existing security controls and compare their alignment with the organization’s security goals and objectives.

During a security architecture review, interviews with key stakeholders responsible for administrative, operational or technological aspects of an organization’s internal information security program are conducted. The primary focus is on architecture components, but includes a high-level ISO 27002 review to ensure all aspects of information security are addressed in the context of a relevant framework. The framework is necessary to assure architectural recommendations address shortfalls within the overall information security program.

VPN Security Reviews

The VPN review compares your current configuration against recommended best practices and identifies any areas of concern. The assessment includes remote and onsite configuration review as well as an architecture review.

Mobile Device Review & Policy

The goal of this assessment is to identify potential holes in your organization’s security posture when it comes to mobile technology.

It’s becoming more and more common for workers to store work-related documents on their smartphones, tablet computers and other devices they bring to and from work each day. While this can be convenient–employees can access important documents at home or on the road–it also creates greater security risks for businesses. In order to resolve security problems with BYOD, managers should consult with IT specialists prior to allowing any mobile devices to be used. Managers need to understand which devices are most secure to use so that they can create a reasonable BYOD policy. They may also want to invest in software that helps keep track of mobile devices that are being used in conjunction with company networks so that they can more easily track devices for security purposes. Some employers require employees to download applications that encrypt files or require passwords to access the device. These measures can help cut back on security breaches from lost or stolen devices.