- July 28, 2022
- Posted by: admin
- Category: IT Security
Configuration Review is an essential component of any comprehensive security audit. A Secure configuration review looks at the configuration of critical devices of your IT network including Servers, Firewalls, and other networking devices to evaluate the security effectiveness of the IT environment. It ensures that your network meets current security standards and policies. The review is based on Information Security standards such as NIST Framework & CIS benchmarks, vendor guides, and known issues. An insecurely configured network could give an attacker easy access to your network, critical data, and assets.
A review of the infrastructure devices is performed to analyze the current configuration, looking for security gaps or vulnerabilities from both a best practice perspective as well as a realistic risk perspective. The configuration review is performed using offline configuration review which includes the offline configuration script review to identify security flaws in the network device configuration files or using credential review where an authenticated agent will try to identify the configuration flaws in the network devices.
Some of the broad level categories which are looked at during the review, but are not limited to include
> Access Control Settings
> User Account-related Policies
> Password Policy
> System & Account Authentication Security settings
> Network and Print Sharing Privileges
> Network ports open on systems
> Network services running on the system
> File System Permission Settings
> Logging settings and Auditing Policies
> Networking and TCP/IP Settings
> Security Patches and Critical Updates
> System Authorization/Privileges
> File Sharing
> Temporary file/folder permissions
Security Configuration Review
Our Security Configuration Review assesses the current state of your security configuration with respect to Industry’s infrastructure and security recommendations. A review intends to identify portions of the network and apply an appropriate level of security. It will identify the risks to your network, network resources, and data. It helps maintain a workable balance between security and required network access. Configuration review consists of:
> Providing a comprehensive and detailed security configuration audit comprising network components such as firewalls, switches, routers, and servers. It ensures that weaknesses in their configuration are identified, reducing the risk of a security incident.
> Any vulnerabilities or weaknesses in the configuration of security devices are fully documented in a report, which includes detailed recommendations to address the issues.
> Summary of Findings Report providing a full overview of the posture of your network infrastructure. It’ll show you where to start to address security holes and how to protect your infrastructure and systems.
Configuration Review is also performed as part of the VAPT exercise.