Assessment

NCC SecureAid Assessment Services

The NCC SecureAid Security Assessment provides our customers with network security evaluations.  Security evaluations are separated into two parts, an external or perimeter evaluation and an internal evaluation.  NCC Networks provides a “Perimeter Defense” security evaluation and a “Full Network” security evaluation.  A “Perimeter Defense” consists of a series of “blind” information gathering sessions from the Internet, followed by a series of simulated attacks from an Internet segment on the customer’s premises.  These simulated attacks and other checks include:

• Denial of Service
• Intrusion
• Port and Network Segment Scan
• Operating System and Service Vulnerability Report
• Inbound and Outbound Virus Protection Check
• Trojan Intrusion Defense
• Authentication Verification
• Firewall Best Practices Check
• Internet Router Best Practices Check

• Recommendation Report

A “Full Network” security evaluation includes all of the checks and reports of a “Perimeter Defense” evaluation plus an evaluation of devices on the internal network.  The evaluation of these devices includes:

• Server Operating System Vulnerability Report
• SNMP Community String Check
• Service Vulnerability Report
• Open Ports / Services Check
• Secure Routing Best Practices
• Authentication and Security Server System Check

• Recommendations Reports

After security audits are complete, an itemized report with explanations and results will be given. In these reports are details on the specific vulnerabilities found for each system and the recommended action to resolve each specific issue.