|
Learn what the outside world can see and compromise in your network
Today's networks are under constant threat from hackers, worms, Trojan horses, and viruses. According to a study completed
by the Meta Group, "300% more security threats and vulnerabilities to IT systems occurred in 2003 than in 2002, and the time
for these events to compromise entire networks dropped from days to hours."
At Merit Network, it is our goal to meet your Internet connectivity needs and to help you protect your network from security
threats. Merit Network is here to help! We now offer five security services to meet all of your networking security needs:
- Package A - Remote Port Scan
An automated scan using security software that will identify accessible systems and open ports on one Class C Network.
A network map and open TCP ports report is provided. A report of 1 to 2 pages per system is generated, and will include a
network map and a list of open TCP ports on each of the systems. Industry best practices are included and a 30-minute phone
consultation will be scheduled to discuss the report findings and to answer questions. This service lets you know what is
visible outside your network.
- Package B - Remote Port Scan & System Verification
An automated scan with some manual intervention by one of our security consultants, using security software that will identify
accessible systems and open ports on one Class C Network. Vulnerabilities and suspicious ports on your network are
identified. A report of 1 to 2 pages per system is generated and will include a network map and open TCP ports.
Industry best practices are included and a 30-minute phone consultation will be scheduled to discuss the report findings
and to answer questions. This service lets you know what can be seen on your network, and what ports or services are
vulnerable to attack or appear suspicious.
- Package C - Remote Assessment
This is an actual assessment of system vulnerabilities. A large number of vulnerabilities are checked (approximately 2500)
and problems are identified. Depending on the number of systems, suspicious ports are manually checked by our security
consultants. A report is generated for each system scanned, which generally averages 10 pages per system. An additional
summary is produced identifying critical areas that need to be addressed as soon as possible. No more than 5 systems are
to be evaluated unless time and material charges apply. The 5 systems to be evaluated are selected by the customer and an
in-depth evaluation is performed.
A report will include a network map, and a list of open TCP ports and vulnerabilities on each of the systems evaluated.
Industry best practices are included and a 30-minute phone consultation will be scheduled to discuss the report findings and
to answer questions. This service lets you know what security problems are present on your network's 5 most critical systems.
- Package D - Remote Class C Network Assessment
A remote port scan on one Class C Network to identify accessible systems and open ports with a Remote Assessment (Package C)
run on 5 of the most critical systems. The customer may choose the systems to be evaluated, or our security consultants will
determine which systems should be evaluated from the results of the remote port scan (Package A).
This product also verifies services, i.e. webserver running on port 80 is actually a webserver and the report identified
suspicious ports and services. The Network Assessment should take approximately 10 hours for the consultant to complete.
An additional summary is produced by the consultant summarizing all of the information discovered during the scan.
Industry best practices are included and a 30-minute phone consultation will be scheduled to discuss the report findings
and to answer questions.
- Package E - On-site Audit
A network audit aimed at determining the level of risk to an organization from network based attacks. This includes external
and internal network port and vulnerability scans, onsite visits, review of your network architecture, industry best practices,
and a one-hour on-site meeting to discuss the findings and answer any questions you may have. The security consultant may spend
up to 2 or 3 days onsite evaluating current policies, procedures, the state of physical and network security, and conducting
interviews. Each audit is tailored to the customer, but typical policies that may be reviewed include:
- Authentication Policies
- Audit Policies ( internal ports scans by staff, etc.)
- Acceptable Use Policies
- Account Termination Policies (staff, faculty, or students)
- Copyright Infringement Policy
- Data Backup Policy
- Disaster Recovery Plans
- E-mail Policy
- Encryption Policies
- External Access Policy
- Firewall Policies (protocols allowed to/from system)
- Intrusion Response Policy
- Malicious Activity Policy ( hacking, unauthorized access, etc.)
- P2P Software Policy (KaZaA, etc.)
- Password Policy (replacement, assignment, etc.)
- Physical Access Policy to Secured Areas
- Secured Areas
- Privacy Policy
- Public LAB Computer Policy
- Server Integrity Policy (use of file integrity tools, periodic system checks, etc.)
- Site Security Policy
- Virus Policy
- Web Policy (content, scripts, revision management)
- Wireless Access Policy (encryption, authentication, authorization, etc )
- Merit Network Customized Security Consulting Services
Our commitment to helping you protect your network to ensure safety, reliability, and business continuity is second only to our
commitment to you as our customer. Merit Network Security services can assist Members in a number of customized security
evaluations, and planning and implementation activities. In addition, we also provide emergency assistance for incident response
and recovery.
|
|
|
|
|
|
Need more information?
Contact a Merit Network Connectivity Specialist at
or 734-527-5700.
If you're a current Merit Member,
please contact your
Member Services Support Team.
|
|
|
|
|
|
|
|
