Infrastructure Hardening

What is Infrastructure hardening?

Infrastructure hardening is the process of tuning all the network devices and servers to increase security and help prevent unauthorized access. We ensure that the hardening standards are in place and in line with industry benchmarks, and that your servers are patched and configured to comply with these standards. We have a rich experience in hardening all flavours of Windows servers, Linux versions and Database servers. Apart from hardening of the servers, we can help you in hardening the network devices which includes but is not limited to firewalls, routers, switches, load balancers, web gateways, spam filters. This would ensure that your network devices are secure and are proudly playing their role without any security misconfiguration, thereby, reducing the internal attacks too.

Krash Consulting performs an exhaustive review of the configuration of the network devices such as web gateway solution, spam filtering solution, identity and access management solution, vpn gateway, wireless LAN controllers and many more. Since, these network device components in place may differ from organization to organization, this would be a completely customized assessment based on the already existing configurations and the gaps in alignment to the standard best practises:

Administration Settings

We check

  • administrator consoles are configured with default passwords
  • Session timeout related information
  • Total users who have access to the admin console
Cryptographic Settings

Encryption is important to ensure the confidentiality of information. We identify

  • weak SSL cipher suites used by the device for secure connections
  • secure storage of device passwords within the device
Firewall Rules

Weak firewall rules allows an attacker to perform sophisticated attacks without being detected. We perform

  • Base review of firewall rules
  • Verification and evaluation of connections between trusted and untrusted networks
Time Synchronization

If the system time configured in the network devices are not in sync, this would render the device logs useless in case of a forensic investigation post incident. We review the time configured on all devices against the NTP server.

SNMP Configuration

If SNMP community strings are compromised, an attacker would be able to gain access to the entire device.We evaluate

  • SNMP community strings configuration
  • Complexity of community strings
Firmware Versions

We review firmware versions as an attacker may exploit outdated firmware vulnerabilities to gain root-level access to devices and create backdoor to the internal network.

Backup Configuration

We evaluate whether the backup is configured for the device. Regular configuration device backups and restoration tests are necessary to ensure that the device is up and running after an incident.

CALL​ ​US​ ​AT:​ ​+91​ ​95383​ ​61786

Get​ ​Started​ ​Now​ ​Discovering​ ​and​ ​Fixing​ ​the​ ​Threats​ ​to​ ​Your​ ​IT​ ​Environment.

There’s​ ​an​ ​old​ ​saying:​ ​“The​ ​best​ ​time​ ​to​ ​plant​ ​a​ ​tree​ ​is​ ​20​ ​years​ ​ago.​ ​The​ ​second-best​ ​time​ ​is today.”​ ​There’s​ ​no​ ​better​ ​time​ ​than​ ​now​ ​to​ ​start​ ​uncovering​ ​and​ ​addressing​ ​the​ ​vulnerabilities that​ ​can​ ​cause​ ​no​ ​end​ ​of​ ​expense,​ ​embarrassment,​ ​and​ ​litigation​ ​for​ ​your Organization.

It’s​ ​easy​ ​to​ ​get​ ​started​ ​and​ ​costs​ ​less​ ​than​ ​you​ ​probably​ ​think.

So​ ​please​ ​contact​ ​us.​ ​​Today​.