Cisco-training

Insoft Services is een van de weinige aanbieders van opleidingen in EMEAR tot een volledige reeks van Cisco-certificering en gespecialiseerde technische opleiding aan te bieden.

Lees meer

Cisco-certificering

Ervaar een blended learning-aanpak die het beste van door een instructeur geleide training en e-learning in eigen tempo combineert om u te helpen zich voor te bereiden op uw certificeringsexamen.

Lees meer

Cisco Learning Credits

Cisco Learning Credits (CLCs) zijn prepaid trainingsvouchers die rechtstreeks bij Cisco worden ingewisseld en die het plannen van uw succes eenvoudiger maken bij de aankoop van Cisco-producten en -services.

Lees meer

Cisco Continuing Education

Het Cisco Continuing Education Program biedt alle actieve certificeringshouders flexibele opties om opnieuw te certificeren door een verscheidenheid aan in aanmerking komende trainingsitems te voltooien.

Lees meer

Cisco Digital Learning

Gecertificeerde medewerkers zijn GEWAARDEERDE activa. Verken de officiële Digital Learning Library van Cisco om uzelf te informeren via opgenomen sessies.

Lees meer

Cisco Business Enablement

Het Cisco Business Enablement Partner Program richt zich op het aanscherpen van de zakelijke vaardigheden van Cisco Channel Partners en klanten.

Lees meer

Cisco trainingscatalogus

Het Cisco Business Enablement Partner Program richt zich op het aanscherpen van de zakelijke vaardigheden van Cisco Channel Partners en klanten.

Lees meer

Fortinet-certificering

Het Fortinet Network Security Expert (NSE) -programma is een training- en certificeringsprogramma op acht niveaus om ingenieurs van hun netwerkbeveiliging te leren voor Fortinet FW-vaardigheden en -ervaring.

Technische trainingen

Fortinet-training

Insoft is erkend als Fortinet Authorized Training Center op geselecteerde locaties in EMEA.

Lees meer

Fortinet trainingscatalogus

Bekijk de volledige Fortinet trainingscatalogus. Het programma omvat een breed scala aan cursussen in eigen tempo en onder leiding van een instructeur.

Lees meer

ATC Status

Bekijk onze ATC-status in geselecteerde landen in Europa.

Lees meer

Fortinet Professionele Services

Wereldwijd erkend team van gecertificeerde experts helpt u een soepelere overgang te maken met onze vooraf gedefinieerde consultancy-, installatie- en migratiepakketten voor een breed scala aan Fortinet-producten.

Lees meer

Microsoft-training

Insoft Services biedt Microsoft-trainingen in EMEAR. We bieden technische trainingen en certificeringscursussen van Microsoft aan die worden geleid door instructeurs van wereldklasse.

Technische cursussen

Extreme-training

Find all the Extreme Networks online and instructor led class room based calendar here.

Technische cursussen

Technische-certificering

We provide comprehensive curriculum of technical competency skills on the certification accomplishment.

Lees meer

Extreme trainingscatalogus

Leer uitzonderlijke kennis en vaardigheden van Extreme Networks

Lees meer

ATP accreditatie

Als geautoriseerde trainingspartner (ATP) zorgt Insoft Services ervoor dat u de hoogste onderwijsnormen krijgt die beschikbaar zijn.

Lees meer

Services Oplossingen

Wij bieden innovatieve en geavanceerde ondersteuning bij het ontwerpen, implementeren en optimaliseren van IT-oplossingen.Ons klantenbestand omvat enkele van de grootste Telco's ter wereld.

Oplossingen

Wereldwijd erkend team van gecertificeerde experts helpt u een soepelere overgang te maken met onze vooraf gedefinieerde consultancy-, installatie- en migratiepakketten voor een breed scala aan Fortinet-producten.

Over ons

Insoft biedt geautoriseerde trainings- en consultancydiensten voor geselecteerde IP-leveranciers. Ontdek hoe we een revolutie teweegbrengen in de industrie.

Lees meer
  • +31 71 799 6230
  • You can unsubscribe from these communications at any time. For more information please review our Privacy Policy. By clicking 'Send Message' below, you consent to allow Insoft Services to store and process the personal information submitted above to provide you with the content requested.

    Enterprise Network Security Posture Assessment

    10th May, 2022

    What is that one thing within an enterprise that could be considered the nerve system? I think it’s the network. Your enterprise network facilitates communication and the sharing of information, it also allows everyone in the organization to access tools they need to execute on their day to day tasks.

     

     

    For such a critical and sensitive resource, your organization must ensure data integrity by making sure no one gains unauthorized access. That’s where network security; specifically network penetration testing can help. In this article, I aim to guide you through the whole network penetration testing and/or vulnerability assessment process.

    What is a Network Security Assessment?

    Network Security Assessment is aimed at identifying vulnerabilities in networks; hosts, servers, routers, and switches that can be exploited by hackers. This typically involves one doing what a bad actor would do; identify and exploit security flaws. After identification, one has to fix the network security flaws. Network Security should be a top priority for all organizations and security assessments should be conducted regularly.

    A network security assessment will reveal existing real-world opportunities for malicious actors to be able to gain unlawful access to sensitive data or even completely take-over systems and consequently compromise systems and networks.

    Some of the common system vulnerabilities include misconfigured software, firewalls, and operating systems, outdated software and operating systems, insecure protocols and unnecessarily open ports.

    Types of Network Security Assessments:

    • Vulnerability Scanning: This uses automated systems (such as Nessus, ISS Internet Scanner, QualysGuard, or eEye Retina) with minimal hands-on qualification and assessment of vulnerabilities.
    • Penetration Testing: This involves more offensive external, internal and physical/social attacks. This tests the true strength of your network. Although Penetration Testing Software attempts to penetrate your network, it is not running an active code that could be harmful. Implementing a Pen Test is secure as long as the vulnerability is kept within the scope of the assessment.

    Network Security Assessment Methodologies

    • Black Box Assessment: According to this method, the security team tries to find ways to get into the company’s network ‘from the outside.’ What can they see in this case? Public IP addresses, the external interface of a firewall, systems located in the demilitarized zone (DMZ), etc. No administrator privileges, no access to databases are provided to penetration testers.
    • White Box Assessment: With this approach, the security team tests the network ‘from the inside,’ having all the privileges of the network authorized users. The security engineers have administrator access to all the servers inside the network.
    • Gray Box Assessment: This approach encompasses both methods above but is more comparable to black-box vulnerability assessment. Security engineers conduct Gray box vulnerability assessments if they get some information on the organization’s network, such as user login details, but they don’t get access to the entire network.

     

     

    Stages of Network Security Assessment

    To get a clearer understanding of the assessment process, let us look at the six common stages that you go through on every assessment.

    Step 1. Planning and Defining the Scope

    The network security assessment team deliberates with the customer on the assessment objectives and the scope of work. For instance, security engineers can be tasked with performing vulnerability assessment tests on an enterprise’s internal subnetworks and help with meeting PCI DSS compliance standards.

    Step 2. Intelligence Gathering

    This stage is also referred to as reconnaissance. It involves the discovery of all accessible endpoints and the services or applications they are running. The endpoints include both physical and virtual components, firewalls, antivirus software, intrusion detection and prevention systems. The team identifies whether the network has open ports or services that shouldn’t be running. A keen look is also taken on the endpoint configurations, including any deployed SIEM products.

    Step 3. Scanning and Enumeration

    In this stage, the security team uses tools such as Nmap, Nessus, and Nikto to scan actively against target clients to fingerprint running services and operating systems. “Footprinting” of the network is carried out with the use of automated tools, such as Nmap, a network analysis tool.

    They also perform enumeration; just looking at items and digging into them to see if we can find anything of value. Say there is a web server running on port 80, it is seen that port 80 is open and it’s running something like Apache 1.2 which will be really really outdated. The team conducts research to find out if Apache 1.2 has any exploits for it etc, that falls within the enumeration portion.

    Step 4. Exploitation

    After getting done with information gathering, scanning and enumeration, the team moves into the gaining access portion. They can attempt to escalate privileges, pivot and exploit the trust relationship between the compromised and other servers. They will run an exploit against the client or against a vulnerable service or whatever it may be to try and get access into a machine or into a network or environment etc. After gaining access, the team also works to maintain that access, for instance, if they are logged out due to a machine being powered off etc.

    Step 5. Covering tracks

    And then lastly there is the covering of tracks, the team deletes any generated logs, uploaded malware and any accounts that were created during the exploitation, this is really important.

    Step 6. Reporting and Documentation

    Finally, the team prepares an actionable report on discovered vulnerabilities in the enterprise network. This is backed up with evidence and a description of issues, targets affected and how exploiting those issues may affect the security posture of the enterprise. Recommendations on how to resolve and patch the vulnerabilities are also given.

     

     

    How Can One Get Started?

    Some of the base skills needed to get started with network penetration testing include Kali Linux, Networking; OSI Model, subnetting and common network protocols, Scripting skills; Python and Bash/Shell, Metasploit, Burp Suite, Nessus, Active Directory, Wireless network hacking and OWASP. More specifically;

    • Develop proficiency with basic computer skills, know your way around a Windows or Linux machine. Develop proficiency with installing operating systems, creating bootable USB drives and how to boot from a USB drive. You additionally need to learn about what BIOS and UEFI are.
    • Start playing with Linux and Kali. You really need to learn about Linux if you intend to get into hacking exploits, Windows OS is very limiting, therefore there’s no other way around it, learn Linux! Learn how to find out your IP Address, learn about the Linux Filesystem, learn how to create a User Account, learn about root, Sudo and the Apt Package Manager.
    • Learn the fundamentals of network infrastructure and security. This lays out the very foundation of cybersecurity. You must develop proficiency with network fundamentals such as the most used network protocols, learn about the OSI Model, what a Switch is, what a Firewall is; learn about Firewall Rules and policies, how to control traffic in your own network and how to block certain devices from going out to the Internet Intrusion, TCP and UDP, VLAN’s, IP Addresses and Subnetting.
    • Learn about windows servers and domains. Each and every company will run some kind of Active Directory or other authentication, Windows still being the most dominant. You have to have at least a basic understanding of how Domain Authentication works and how user accounts and computers are connected with a Domain Controller.
    • In addition, with the unabated increase in the adoption of Cloud technologies in enterprise network environments, developing proficiency with Cloud Computing and security in the cloud expertise will be an added advantage.

    To learn more about CyberSecurity career pathways, make sense of what roles lead to which paths and what skills or certifications are applicable, using an easy to use graphical visualization.

    How Insoft Services can help

    It’s hard to manage Cyber Security risk without having a full picture of your enterprises vulnerabilities. That’s why a network security assessment is so important. It helps you develop a map of your IT infrastructure that shows you where all your weak spots are.

    It is best to have a 3rd Party to run the Network Security Assessment and help implement necessary changes. Drawing from our extensive experience in Cyber Security training, not only will we provide you with the right Network Security Assessment, but we can also consult on and implement any changes that need to be made.

     

     

    More Blogs for you: