What is Infrastructure hardening?
Infrastructure hardening is the process of tuning all the network devices and servers to increase security and help prevent unauthorized access. We ensure that the hardening standards are in place and in line with industry benchmarks, and that your servers are patched and configured to comply with these standards. We have a rich experience in hardening all flavours of Windows servers, Linux versions and Database servers. Apart from hardening of the servers, we can help you in hardening the network devices which includes but is not limited to firewalls, routers, switches, load balancers, web gateways, spam filters. This would ensure that your network devices are secure and are proudly playing their role without any security misconfiguration, thereby, reducing the internal attacks too.
Krash Consulting performs an exhaustive review of the configuration of the network devices such as web gateway solution, spam filtering solution, identity and access management solution, vpn gateway, wireless LAN controllers and many more. Since, these network device components in place may differ from organization to organization, this would be a completely customized assessment based on the already existing configurations and the gaps in alignment to the standard best practises:
- administrator consoles are configured with default passwords
- Session timeout related information
- Total users who have access to the admin console
Encryption is important to ensure the confidentiality of information. We identify
- weak SSL cipher suites used by the device for secure connections
- secure storage of device passwords within the device
Weak firewall rules allows an attacker to perform sophisticated attacks without being detected. We perform
- Base review of firewall rules
- Verification and evaluation of connections between trusted and untrusted networks
If the system time configured in the network devices are not in sync, this would render the device logs useless in case of a forensic investigation post incident. We review the time configured on all devices against the NTP server.
If SNMP community strings are compromised, an attacker would be able to gain access to the entire device.We evaluate
- SNMP community strings configuration
- Complexity of community strings
We review firmware versions as an attacker may exploit outdated firmware vulnerabilities to gain root-level access to devices and create backdoor to the internal network.
We evaluate whether the backup is configured for the device. Regular configuration device backups and restoration tests are necessary to ensure that the device is up and running after an incident.
CALL US AT: +91 95383 61786
Get Started Now Discovering and Fixing the Threats to Your IT Environment.
There’s an old saying: “The best time to plant a tree is 20 years ago. The second-best time is today.” There’s no better time than now to start uncovering and addressing the vulnerabilities that can cause no end of expense, embarrassment, and litigation for your Organization.
It’s easy to get started and costs less than you probably think.
So please contact us. Today.