Network Architecture Review

The objective of network architecture security review is to identify weaknesses, gaps of existing security controls and compare their alignment with the organization's security objectives.

Network Architecture Review is a part of defence in depth strategy which will provide benefits which is listed below.

  • Reduce attack surface
  • Increase data availability
  • Limit the scope of regulatory compliance (PCI, HIPPA etc.)

 

Adactin Approach

  • Segmentation of Networks
  • Access control of different zones (Low, medium & high trust zone)
  • Layered Security
  • Monitoring
  • Change Control
  • Encryption if any
  • Redundancy with aspect of Availability
  • Compliance requirement if applicable (RBI Guidelines, PCI-DSS etc.)

Server Hardening

Default operating system installations aren't necessarily secure. Server hardening is the process of tuning the server operating system to increase security and help prevent unauthorized access. We at Adactin Group know each environment is unique and we work with you to design a server hardening plan that works with your applications while increasing security and stability..

Our experienced professionals will ensure that the hardening standards are in place and in line with industry benchmarks, and that your servers are patched and configured to comply with these standards. Non-compliant items will be fixed in a time-bound manner whilst ensuring first and foremost that functionality is not being impacted.

Linux Server Hardening:

Linux servers provide a great application hosting platform for LAMP-stack applications such as WordPress, Joomla and Drupal. Here are some categories NII focuses on when securing a Linux server:

  • SSH Server Hardening
  • Apache / Nginx Hardening
  • FTP Server Hardening
  • Local Firewall Hardening
  • Software-Specific Hardening
  • (Control Panel Software)
  • Kernel Updates, Software Repository Hardening
  • Automated User Password Aging / Lockout
  • Unnecessary Service Audit
  • Kernel-Level Hardening
  • File and Directory Permissions Audit

Microsoft Windows Server Hardening:

  • Remote Desktop Protocol Hardening
  • Windows Registry Key Hardening
  • Group Policy Audit and Hardening
  • Service Audit and Lockdown
  • Password Policy Audit and Lockdown
  • Firewall Audit and Configuration
  • Audit Policy Configuration
  • Service Pack / Hotfix Audit and Remediation
  • File System Permission Audit
  • Anti-virus Configuration and Management

Patch and Remediation Management 

Our teams work with your existing patch management solution to ensure all critical systems have all critical security patches applied within a timeline that is aligned to the exposure of the systems. We also ensure that the patching mechanisms covers not only the standard operating system patches, but also those that might be applicable to databases and critical endpoint software such as Microsoft Office, Java, Adobe, browsers, etc.

Scheduling server patches -- Patch deployment may not be necessary every month if the vulnerabilities identified do not apply to the servers. However, in the event that no patches are needed, the servers will be rebooted every month, unless there is a customer need to remain available. With the large number of patches from Microsoft, you should assume that there will be critical patches every month and that patches will need to be installed with a reboot to follow.

Active Directory Policy Implementation

Introduction
Active Directory (AD) plays a vital role in security, compliance, application management, operational intelligence and user productivity. AD is an access and identity management directory that authenticates and authorizes users and shared resources (such as computers and printers), administers group policies and manages roles and privileges across a network. Many services and software products are dependent on AD for user authentication (such as Exchange, SharePoint and intranet) so effective, skilled AD management is an essential element of corporate IT.

Secured Active Directory Implementation
Adactin’s Active Directory as a Service delivers management and support of the AD and domain controllers for your network domains. Working closely with you, Adactin installs and configures the Active Directory Domain Services software on your domain controllers to an agreed structure, then delegate the required access rights to you.

We can also help migrate your existing user accounts, delivered as a phased rollout with a connection between your existing AD environment and any selected new environment. We ensure minimal disruption to your services by making your new environment operational prior to switchover and decommissioning your existing environment.