The recent events have forced organizations to drive change in the way its employees access corporate infrastructure. With more and more employees working from home, Remote access solutions have been rapidly deployed to meet the demand. NetSentries offers services to test remote access security and ensure security controls are in place to reduce overall risk factors and to verify that compliance requirements of the organization are not violated.
Let’s StartOur Remote Access Infra Security Assessment includes an in-depth assessment of critical components of Remote Access infrastructure like NAC, AAA solutions, MFA, VPN Gateways, and software applications. Our tried and tested Assess-Validate-Respond (AVR) model-based assessment leverages a unique hybrid approach for identifying all possible remote access security issues.
During the Assess phase, our expert team will use a multifaceted assessment approach that probes the remote access infrastructure in active and passive modes to identify all possible security flaws. Assessment includes validation through:
1. Configuration Review
2. Passive Control Validation and
3. Active Penetration Testing
We begin by understanding the organization's Remote Access goals, strategies and control objectives and then review the device security posture to identify how the current logical controls protect critical assets, sensitive data stores, and business-critical interconnections in accordance with the organization’s business and security objectives. The review covers Rule Sets, Policies, Logging and Auditing, and Compliance and delivers a comprehensive Risk Assessment report with remediation advisory.
Our comprehensive configuration review focuses exclusively on evaluating rules and configurations within the context of your specific solution. While configurations are examined, the effectiveness of the implemented controls and rules raises questions. To address this, we leverage the Control Validation exercise, a crucial step in ensuring the Solution's robustness. In this approach, we conduct an in-depth assessment without actively testing the Solution. Instead, we tactfully explore device-contextual techniques to challenge the existing controls, aiming to identify any potential weak points and bypass RA rules configured within.
Active Penetration Testing involves rigorous, intrusive testing directly against the Solution itself. By subjecting the Solution to deliberate attempts to overwhelm or breach it, we gain valuable insights into its resilience and capacity to withstand attacks, ultimately enhancing its ability to enforce controls effectively.
The NetSentries team will work closely with the client’s IT and Network teams to provide advisory and follow up support for the implementation of gap remediation recommendations. Once the recommended changes/controls are implemented, a final configuration and profile review will be conducted to ensure that no further gaps exist in the system.
NetSentries’ Cyber Threat Management team closely studies and monitor the different breaches caused by exploiting the Remote Access infrastructure in the recent past and then develops customized security monitoring use cases specific to it. These use cases are Vendor Agnostic and rely on correlating the raw logs, flows, and events generated during any Remote Access session helping the customer to build proactive breach attempt detection capabilities.
