PRIMARY CONTACT: Patrick B. Armknecht CPA, CITP 

It is critical to assess the risks that are prevalent within an organization's core network infrastructure. As technology rapidly changes, oftentimes core network appliances and other devices are shipped and installed with "out-of-box" settings, lacking the hardening required for maximum security. The Network Device Security and Configuration Assessment is a comprehensive analysis of potential vulnerabilities and misconfigurations on a device. From firewalls, to switches and routers, Schneider Downs has the expertise to identify and assess the risks of single and cumulative vulnerabilities that exist across these devices. We perform automated and manual assessments and take a collaborative approach in establishing an action plan to remediate all identified vulnerabilities. We also consider any other security components and mitigating factors to determine the overall risk to the security posture of the organization's internal network appliances.

As the protection of systems and critical data continue to be a major component of cybersecurity awareness, Schneider Downs maintains in depth knowledge of industry best practices and can assist your organization in identifying vulnerabilities and overall risk to your internal network infrastructure. We have continued to establish ongoing relationships with new and existing clients to ensure coverage over the ever-changing risks posed by network vulnerabilities.

Detailed Approach to a Network Device Security and Configuration Assessment

Schneider Downs begins by developing an understanding of our client's network infrastructure through reviewing the network topology, meeting with key technical personnel and understanding any other points of access that may not be indicative within the organization's technical documentation. From here, we collaborate with the client to determine the high risk' devices to incorporate into our assessment.

We then take an automated approach to identify all vulnerabilities or misconfigurations for each device. We then use our experience and collaborate with our clients to assess the findings and determine their actual threat and risk to the organization. In doing so, we take care to consider other mitigating factors that will have an impact on the risk, these factors may include:

Factors that Could Impact Risk

• Superseding rule sets
• Access levels
• Isolation within the network
• Other security devices

Schneider Downs will then provide a detailed report with the following data points for each vulnerability or misconfiguration uncovered during the assessment:

• Finding
• Rating
• Impact
• Ease of exploit
• Recommendation
• Ease of fix

All findings are fully vetted to ensure that the risks posed for each vulnerability or misconfiguration, along with the recommendations for remediating are fully understood.

Network Device Security and Configuration Assessment Approach