dinagaran2000
asked on
Network Security in ADSL and CIsco
Hi
We have client with 24 branches and One HO connected to ADSL with static IP and ASA firewall. We need to check security and vulnerability test in the entire network for both External and Internal. Wherecan i get the tools and also i need to cross check it mannually.
All branches are connected with site to site VPN. Branches got ADSL Router, Firewall ASA 5505 and 5-10 pcs. HO got DSL Router, Firewall ASA 5505, Two servers, and 10 pcs.
adsl-network.png
We have client with 24 branches and One HO connected to ADSL with static IP and ASA firewall. We need to check security and vulnerability test in the entire network for both External and Internal. Wherecan i get the tools and also i need to cross check it mannually.
All branches are connected with site to site VPN. Branches got ADSL Router, Firewall ASA 5505 and 5-10 pcs. HO got DSL Router, Firewall ASA 5505, Two servers, and 10 pcs.
adsl-network.png
i suggest you divide your Adudit into 2 portions;
1)LAN
2)WAN
LAN Segment you can futther divide into Serevrs, Firewalls, PCS.
for servers you can use Microsoft recomended tools ( for example-Microsoft Base line security Analiyser), Shark Network Monitor for windows envoirment etc. for any third part application you will find some auditing module in the application. many things you can check like user accounts, password polocies, backup polices, server hardware health, H/A solution
Firewall is very important, before you audit any H/W or Software firewall i suggest you understand LAN and Phusical network connection connected with F/W. after understanding connection you can check ACL, VPN, VPN Groups and polices, etc
Desktop/Laptop computers are very important.
WAN: you can check VPN Connection, Encryption types, Keys .....
you may find millions of network scaner availible on web, you can use any but i recomend use multiple scaners for one purpose, compare outputs and crocc check.
i also suggest dont install/run any third network monitor tool on a server, unless you know the impact, also please dont scan and live application
1)LAN
2)WAN
LAN Segment you can futther divide into Serevrs, Firewalls, PCS.
for servers you can use Microsoft recomended tools ( for example-Microsoft Base line security Analiyser), Shark Network Monitor for windows envoirment etc. for any third part application you will find some auditing module in the application. many things you can check like user accounts, password polocies, backup polices, server hardware health, H/A solution
Firewall is very important, before you audit any H/W or Software firewall i suggest you understand LAN and Phusical network connection connected with F/W. after understanding connection you can check ACL, VPN, VPN Groups and polices, etc
Desktop/Laptop computers are very important.
WAN: you can check VPN Connection, Encryption types, Keys .....
you may find millions of network scaner availible on web, you can use any but i recomend use multiple scaners for one purpose, compare outputs and crocc check.
i also suggest dont install/run any third network monitor tool on a server, unless you know the impact, also please dont scan and live application
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Didnt get the exact info
http://www.tenable.com/products/nessus