Network Security Assessment | Patch Management


Added on  2019-09-26

7 Pages1603 Words150 Views
Network Security AssessmentPart – 2Network System Security and Recommendations

Network System Security RecommendationsAfter having a complete vulnerability assessment in the Part – 1 section in this part will be consisting of recommendations keeping in mind the flaws and network vulnerabilities addressed in the security assessment report submitted in Part-1. We will be taking each security issue one by one and will be recommending the measures needed to overcome the security issue.Patch Management.Patch management is a very complex and critical process, thus recommend following the steps and actions to ensure proper and successful deployment of the patches to the systems as well as devices on the network. The patch management is time consuming process so it is to be done in aplanned manner. This will also depend on the organization's network infra, OS requirements and overall security posture. Firstly we need to develop an inventory of all production systems; this should include OS types, IP addresses, physical location, connections and function. Then we need to devise a plan for standardizing production systems and make sure that all the systems areof the same version of OS or software. The list should also include the network devices like routers, firewalls, IPS IPD and Wireless systems as well as their configurations. Compare reported vulnerabilities against your inventory and control list and download and get the latest update or patches of the systems. The risk should be classified and the vulnerabilities of the outdated systems should be assessed in the environment and also the likelihood of the attacks. Then we should move forward by applying the patches. So now you have an updated inventory of systems, a list of controls, a system for collecting and analyzing vulnerability alerts and a risk

classification system. After determining the patches we need to install. The deployment of the patches and updates should be done without disrupting uptime or production. Misconfigured Firewall Rules and PoliciesWhen configuring or modifying a firewall configuration, it is very important to consider and evaluate the potential security risks to avoid future security issues. Security is a relatively complex for deployments and varies from case to case. But these points should be kept in mind to ensure proper deployments of the firewall rules so that the rules are not allowing any malicious traffic or leave any option for that. All the traffic from outside the network or from the internet should be blocked and only the traffic important and which is needed to be passes shouldbe configured explicitly for the known services. This is an excellent strategy to prevent the possibility of security breach because of misconfigurations. We can achieve certain behavior by configuring the last rule in the access control list applied to the interfaces to deny all traffic after permitting explicitly the other traffic. This can be done explicitly or implicitly, depending on the scenario and requirement. The rules configured should be as specific as possible this should be kept in mind while configuring the rules as this prevent from leaving any service which is not used by the network to be opened for access from outside by mistake. These parameters should be kept in mind while configuring the firewall rules. Source AddressDestination AddressIP ProtocolPort/Service

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Network Security Fundamentals: Vulnerabilities, Security Devices, Policies and More

Desklib - Online Library for Study Material with Solved Assignments, Essays, Dissertations

Network Security Fundamentals - Vulnerabilities, Devices, Segregation, Firewall Policies and Rules

ICTNWK509 Design and Implement a Security Perimeter for ICT Networks

Operating System Security

Security Presentation and Guidebook - IT Security