What & Why
An organization's network infrastructure evolves over many years. Although this evolution is in direct response to the changing business needs, in many cases security has been an afterthought. Network and Systems changes, like any other change, will result in some or the other fault due to misconfigurations, deviations from industry best practices to quickly resolve irritants faced during the making the changes. All of this happens due a "for now" tactical approach to the change being implemented. Even implementing the most advanced security technologies of the day won't help if the underlying security architecture is flawed.
intiGrow can help organizations with its Network Security Architecture Reviews, by conducting a systematic examination of the all the layers of an organization's network. We will examine the existing network topology and deployment of the security controls within the organization like firewalls, IDS/IPS, network segmentation and make recommendations to increase the effectiveness of the security controls.
Our systematic approach to the evaluation of the current state ensures a detailed review of the current architecture, technology & security policy of the organization, management practices and planned changes. Our highly qualified and experienced consultants will identify network and design architectural weaknesses in security, performance, scalability. Our team of security experts will recommend improvements to better align the security architecture with business objectives, your organization's security policy and industry best practices.
Some of the aspects that will be examined are:
- Review latest Threat Risk Analysis report.
- Analysis of current IT network, information flow according to business requirements and points of access to information.
- Analysis of current security controls and procedures for various security management areas.
- Analysis existing network security architecture, including topology / configuration, and security components / features.
Based on the observations made, our consultants will provide an assessment of the existing security controls and make prioritized recommendations on improvements and/or additional controls to meet specified security policies and to mitigate all the threat vectors. Defense-in-Depth principles will be used to ensure security controls are applied for information transport, and access to networks, hosts, applications and data.