DigitalDefence
Home > Protect > Infrastructure Security

Infrastructure Security

Organizations are increasingly dependent on their network infrastructure to enable in-house and remote access to critical data

vuln_scn

Your organization’s network infrastructure provides the functional support for secure business operations – how can you effectively use it to create a competitive advantage?

DigitalDefence will assess your network infrastructure, or specific components, using a methodology based on the Sherwood Applied Business Security Architecture, or SABSA. The primary characteristic of the SABSA model is that it is risk-driven, and all aspects of the analysis are directly derived from an assessment of business requirements.

After collecting business requirements (the contextual analysis), DigitalDefence follows a structured model that includes assessment of the conceptual architecture, the logical services architecture, the physical infrastructure architecture, and the selection of technologies and products. The business requirements are maintained in each “layer” of the model, ensuring that the business requirements are always driving the technology, and not the other way around!

DigitalDefence takes a 3-part approach in assessing the security delivered by your network:

  • Conduct a current state analysis to obtain a high-level overview of your security and infrastructure strategies, the existing infrastructure and its current capabilities, and security state;
  • Develop a future state design, including plans for the recommended end state; and,
  • Recommend a migration plan, including a timeline and cost estimates, to transition from the current state

Technologies Assessed

DigitalDefence can assess the security of multiple architectures, including:

  • Wired networks (WAN, LAN)
  • Wireless networks (WAN, LAN, Bluetooth
  • Virtualized environments, including “cloud computing”
  • Remote access technologies
  • Network and security devices, including firewalls, VPNs, IPS/IDS
  • Voice over IP (VoIP) networks, PBX, and related telecommunications devices


Service Delivery

During the infrastructure security assessment, DigitalDefence will:

  • Assess strategic, security and network documentation
  • Review the existing architecture
  • Conduct a data flow analysis to identify where data enters and leaves the controlled network
  • Conduct a technology review, including the existing network topology, access controls, authentication mechanisms, and network administration and maintenance
  • Assess resilience and survivability of the network
  • Assess the impact of third parties


DigitalDefence can provide additional services to improve the security of your technical infrastructure, including:

  • Assistance in product testing and selection
  • Installation and configuration services
  • Hardening of network equipment, servers, and workstations, including documentation
  • Training