IPv6 Security Audit Services

Following the transition of IPv4 to IPv6 and its official launch on the 6 June 2012, there has been security concerns on IPv6 issues. To assist our customer in network security issues, Progreso Networks now offers IPv6 Security Audit Services. The IPv6 Security Audit Services will involved  the following 4 processes.

1. Internal Assessment

This process involves a review of the internal network setup and collection of relevant data for further analysis. Detailed evaluation works will be conducted against the main network components with focus on software versions, security capabilities, configuration parameters and conformance to organisation policies. Risks of security exploits and configuration flaws or enhancements will be identified by the end of the process.

Range of devices typically covered for evaluation:

• Routers
• Switches
• Firewalls
• Servers
• Client Hosts

2. External Assessment

This process is similar to the preceding one, except that it focuses on external facing devices. Evaluation of these devices encompass deeper examinations against extended guidelines, given their “frontline” position which exposes them directly to external security threats.

Devices typically examined in this process:

• External facing Routers
• External facing Firewalls
• External facing Servers

3. Penetration Testing

This common industry method used for evaluating security of a network serves to detect and confirm security vulnerabilities (including those identified in preceding processes) which can be exploited to attack - or access without authorization - the network (or systems within). Industry standard penetration test tools employed can automatically / manually generate bogus and malicious traffic towards the target network and systems to pick up security vulnerabilities and flaws. The security vulnerabilities identified [along with their associated severity level, proposed mitigation action(s)] will be documented in the penetration test report.

4. Review & Recommendation of Security Policies

The closing process of this security audit framework summarizes the outputs from preceding processes and provides recommendations (in the form of security policies or other suitable measures) to strengthen security protection of the assessed network and the systems within. A follow-up assessment may be opted for to validate enhancements introduced or security vulnerabilities closed, based on the recommendations.

Please click here for our brochure or contact us at 6509 9600.