By internet Computing Solutions - www.icoso.com
P.O. Box 24234, Indianapolis, IN 46224 - Phone: 317-919-7831, Fax: 866-571-0372
 
 
  Internet Firewall Servers and Content Filtering


SECURE YOUR NETWORK

Firewall Vulnerability Testing, Scanning and Reporting

Put a stop to potential intrusions on your network. Find out what potential vulnerabilities your internet firewall connection has open. Our Comprehensive Scanning and Testing Reports will tell you the information you need to know.

.

What this service provides:

This service provides Vulnerability Testing and Reporting of your internet firewall and associated IP addresses. This includes a report for the block of IP addresses that your ISP has assigned to your place of business, up to 8 IP's per location per device/router or branch office. Here is an example of the Vulnerability Testing Report. Here is an exmaple of the Additional Notes we provide. Typically, if you have a business class DSL or Broadband service, your ISP will provide you with a block of 4 to 8 IP addresses per location or branch. Most often you only use 1 of those IP addresses, which is assigned to your firewall at your office. However, some firewalls can manage more than one IP address and can be configured to provide "additional services" to your internal network via these additional IP addresses and ports. We can test all of these IP addresses.

We provide you with a report that gives you a detailed view of the potential vulnerabilities at your point of access to the internet. This report identifies the ports that are open and any associated vulnerabilities, provides a description of the test, attempts to identify any potential services running, and provides a synopsis, description, additional resource links, possible solutions, and risk factors, if applicable, on those open ports. If a particular port or vulnerability is not reported, it is not considered a security risk. Click Here to Sign Up.

What can you do with this report?

This report can be provided to your auditors to show your compliance with vulnerability and penetration testing requirements. The information in the report can also be used by your network/pc consultants/administrators to determine what vulnerabilities need to be addressed and/or corrected and/or closed on your internet firewall/router. We provide tech support for any questions related to the report and its contents. If your network administrator has a question about a vulnerability that was found, we will provide as much information about that item to help you understand what that vulnerability means and what you need to do if anything to protect your network from harm.

We use an Enterprise Network Vulnerability Product called Nessus from Tennable Network Security. Nessus is the world-leader in active scanners, featuring high speed discovery, asset profiling and vulnerability analysis.
Click Here to Sign Up.

Why we use the Nessus Vulnerability Scanner and Some of its Features:

Based on the most pessimistic computations, and on the number of downloads every day, Nessus has at least 50,000 users worldwide.

The huge user base allows Tenable to get the best feedback regarding security checks - and therefore to offer security checks which are reliable, non destructive and not prone to false positives.

The first public release of the Nessus Vulnerability Scanner was in 1998 and the technology behind it has been extensively tested and proven over time, on huge networks.

We use an up-to-date security vulnerability database that contains tests for over 14,000 different security checks, covering local and remote flaws. Focusing on the developement of security checks for the most recent security holes, the security checks database is updated on a daily basis. Staying up-to-date is a must if you want to perform a security scan. Every week, several dozen of new security checks are added in the nessus security check database.

The Nessus Security Scanner includes NASL, (Nessus Attack Scripting Language) a language designed to write security tests easily and quickly. NASL plugins run in a contained environment on top of a virtual machine, thus making Nessus an extremely secure scanner.

Each security test is written as an external plugin, written in NASL. This means that updating Nessus does not involve downloading untrusted binaries from the internet.

The scanner does not believe that the target hosts will respect the IANA assigned port numbers. This means that it will recognize a FTP server running on a non-standard port (ie: 31337), or a web server running on port 8080. Nessus is the first scanner on the market to have implemented this feature for all the security checks (and has been copied by many since then).

If a host runs the same service twice or more, the scanner will test all of them. Several competing scanners on the market still consider that a host can only run one server type at once.

The scanner has the ability to test SSLized services such as https, smtps, imaps, and more, making our scanner one of the first security scanners on the market to provide this feature.

The scanner allows us to choose between performing a regular non-destructive security audit and to throw everything you can at a remote host to see how will it withstands attacks from intruders. Many scanners consider their users to be too inexperienced to make that kind of choice, and only offer them to perform "safe" checks. We use the more thorough test procedures, performing more than 10,000 different vulnerability checks, to determine the full level of vulnerabilites of your firewall and internet access.
Click Here to Sign Up.

 

Penetration Testing vs Vulnerability Assessment

There is some confusion within the security industry about the difference between Penetration Testing and Vulnerability Assessment, they are often discussed as the same thing when, in fact, they're not.

Penetration Testing sounds a lot more exciting, but most people actually want a Vulnerability Assessment and not a Penetration Test, many testing companies label their service as a Penetration Test, when in fact they are 100% a Vulnerability Assessment.

A Penetration Test is mainly a Vulnerability Assessment, but it goes a little bit further.

A Penetration Test is a method of evaluating the security of a computer system or network by simulating an attack by a malicious hacker. This process involves an active analysis of the system for any weaknesses, technical flaws or vulnerabilities. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution.

A Vulnerability Assesment is what most companies generally do, as the systems they are testing are live production systems and can’t afford to be disrupted by active exploits which might crash the system.

Vulnerability Assessment is the process of identifying and quantifying vulnerabilities in a system. The system being studied could be a physical facility like a nuclear power plant, a computer system, or a larger system or network.

Vulnerability Assessment has many things in common with risk assessment. Assessments are
typically performed according to the following steps:

1. Cataloging assets and capabilities (resources) in a system
2. Assigning quantifiable value and importance to the resources
3. Identifying the vulnerabilities or potential threats to each resource
4. Mitigating or eliminating the most serious vulnerabilities for the most valuable resources

This is generally what a security company is contracted to do, from a technical perspective, not to actually penetrate the systems, but to assess and document the possible vulnerabilities and recommend mitigation measures and improvements.
Click Here to Sign Up.

 

Costs for this service: Most other companies performing this service will not provide their pricing upfront or on their website, we do. We are upfront about the costs and the amount of time we put into each report. How often should you have your external network tested? We feel you should have your network tested and reported upon at least Quarterly. Keep in mind that new vulnerabilities are discovered and introduced daily. The more often that you have your network scanned the more secure your network will be. However we do offer a one-time scan for those businesses that need a one-time assessment for auditing purposes.

Report Pricing is for a total of up to 8 IP addresses that are assigned to your business sequentially for one device, router, or firewall. Additional Offices, Devices, Routers, Firewalls, etc. can be included in the 8 total IP addresses at an additional cost per device/office as long as the number of total IP addresses does not exceed 8 IP addresses and are in sequential order. Additional blocks of 8 IP addresses can purchased at an additional cost. Once we receive the signup form we will contact you to verify the information then forward to you another form to complete, sign, and fax back to us. If you prefer to pay by check, we will send you an invoice. Once payment is received, we will have the report completed and returned to you by the next business day.

Single instance report -
includes 30 days email based support
 
$149 onetime - includes up to 8 IP addresses and 1 device
Quarterly reports:
(Plus 1 add'l report as needed = 5 reports/yr - Save ~$200/yr)
 

$399/yr - includes up to 8 IP addresses and 1 device

Monthly reports:
(Plus 2 add'l reports as needed = 14 reports/yr - Save ~$800/yr)
  $799/yr - includes up to 8 IP addresses and 1 device
Additional offices/devices/routers/firewalls/etc.:
(TCPIP addresses for additional offices and devices are included in the 8 total TCPIP addresses - if total TCPIP addresses exceed 8 you will need to purchase an additional block of 8 TCPIIP addresses.)
 

Onetime test: $75 per office/branch/device/router/firewall
Quartely tests: $199/yr per office/branch/device/router/firewall
Monthly tests: $399/yr per office/branch/device/router/firewall

Additional Blocks of 8 TCPIP addresses:   50% discount off above regular report prices.
     

Click Here to Sign Up for Your Vulnerability Assessment Report or
Call us today to get your network tested for vulnerabilities!


 
 

Hosted and maintained by internet computing solutions
Copyright © 2017, internet Firewall Servers

Firewall, Vulnerability Testing, Credit Union Vulnerability Testing, Content Filtering, URL Filtering, Web Filter, Website Filtering, Web Blocking, Web Proxy, Spam filtering, Anti-virus protection, Intrusion Detection, Port Block, VPN, Network to Network VPN, Proxy Server, User Authentication, internet access control, internet access filtering, internet traffic shaping, network security, network protection, Indianapolis, Indiana, Central Indiana, Website Hosting Indianapolis Indiana, Web hosting, Web Site Design Indianapolis Indiana, Indianapolis Credit Union Web Site Hosting, Indiana real estate web hosting , Indianapolis Indiana email, Indianapolis Computer Consulting Services, Network Consulting, Internet Services, Small Business Computer Consulting, Indianapolis Domain Hosting.