Network Devices

What Is It?

Your critical data is held on systems but these need to communicate with one another, which is where network devices help to support your organisation. Network devices can be hardware or software based and can be routers, switches, modems, media converters and encryptors as well as security providers such as firewalls, intrusion detection / prevention devices and virtual private network endpoints.

Why Assess It?

There are many reasons to conduct a network device security assessment, five of which are below.

Enforce Security Zones

Your organisation needs to provide access to data but there is a balance to be struck between leaving everything open and supporting organisational and operational needs in a secure fashion. With a network device security assessment, you can be assured that your users network traffic is segregated away from your critical infrastructure, that guest access is treated differently to your employees access and those employees connecting in remotely are sufficiently authenticated and protected to give some examples.

Identify Backbone Vulnerabilities

Threat actors do not differentiate between ways to obtain their end objective, they take the easiest path and network devices can themselves be a source of vulnerability. An example of this would be a threat actor attempting to gain access to a critical server but this would be made substantially easier if the firewall network device restricting the services exposed was compromised and the rules relaxed to allow more attack vectors.

Preserve Incident Response Capability

In the event that a compromise has happened, your ability to triage the events of the threat actor relies on non-repudiable logging and as threat actors generally reside and obtain privileged access to servers and end user devices this means that logs can be modified whereas a network device that captures malicious activity can be left unmodified, especially if deployed in a secure architecture. Through a network device security assessment, you will gain confidence in both the logging capability and the assurance in its integrity.

Alignment with Best Practices

Network devices are often managed on an individual basis, meaning that their configuration can differ per device, even when load balanced in an environment. Human errors also mean misconfigurations that create a security vulnerability are a common occurrence. By conducting a network device security assessment, you will ensure that the network devices are being managed as one and have been security hardened effectively.

Network Topology Validation

By conducting a network device security assessment you can obtain visibility around what layers of protection your organisation has and answer key questions to guide future investment or ensure a higher return on investment by enabling security functionality in devices at relevant points in the network.

The Agility Cyber Approach

Like all our engagements, we want you to get the most out of your network device security assessment and we do this by:

Working Efficiently

We give you accurate information to guide your security operations and secure a high return on your investment by the approaches we undertake such as reviewing configuration extracts versus labour and time extensive network scanning of devices, with the latter offering only indications of vulnerabilities whereby reviewing the configuration line by line we can present you a true picture of your security.

Not Tooling Dependent

We do not just run a device configuration review tool and report, we use prior knowledge and a deep understanding of security concepts to identify vulnerabilities and advise on how best to remediate them.

Specific Remediation Advice

Every organisation has a vendor of choice for their networking devices and we always ensure the remediation advice given is tailored to not only the vendors functionality but the specific commands needed for that device, reducing both the complexity and time needed for your teams to uplift your security posture.

Balancing Business Requirements

Most network devices offer a raft of security functionality however this is not always appropriate to enable. We find the balance of meaningfully uplifting your security posture whilst not creating an organisational burden or impeding employee activities.

The Bigger Picture

We take the time to understand where the network device we are reviewing is in your environment and what your expectations of it are. This is why we will ask for a network diagram to help guide the process. With a topological understanding, we are also able to identify any architectural vulnerabilities, such as a demilitarised zone that may in fact not be demarcated away from the internal infrastructure as an example.

Benefits of Partnering with Agility Cyber

Mutually Invested

Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.

Clarity and Simplicity

We always provide clarity, believe in simplicity and value your time. An example is rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisations position and risk posture thus enabling us to ask better questions, securing you higher value and saving you time.

Full Consultancy

Our team, based in the UK, is technically exceptional but we pair that with business sense to discover, triage and help you remediate the full range of security issues.

Impartiality

We are impartial, we do not sell you products or the latest buzzword laden trending solution.

Outstanding Service

We have an industry leading turnaround, agility is in our name after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.

Scroll to Top