Netshield Announce Our New Vulnerability Scanning Service, NetScan.

NetScan is a popular and capable infrastructure and web application vulnerability scanner, providing the ability to carry out regular scanning to identify vulnerabilities before they become a huge business security risk.

First Class Scanning.

Unpatched software, configuration weaknesses and software vulnerabilities also need to be managed effectively. NetScan includes a vulnerability assessment module to perform vulnerability scans across your external network infrastructure.

• Access sophisticated scanning and exploit technology designed by experienced penetration testers
• Provides a single platform to identify and manage web application and infrastructure risk
• Confirms vulnerabilities through safe exploitation to eradicate false positives and provide proof of concept
• Prioritise each vulnerability’s remediation
• Generates reports in Microsoft Word and CSV. PCI and UK Government PSN compatible formats
• Schedule scans to run at any given date and time. Scan at regular recurring intervals with email notification.

Web Applications.

Vulnerabilities within web applications pose a significant threat to your organisation’s network security. NetScan can identify all known web application vulnerabilities and provide exploit capabilities to demonstrate their impact and eradicate false positives.

Many existing web application scanners rely on parsing web pages in order to discover application components (e.g. links and forms). This approach is no longer effective when testing modern web 2.0 based applications. Components generated at runtime using JavaScript, Flash or Silverlight components will remain invisible to traditional discovery techniques.

NetScan employs two integrated crawling technologies to overcome this challenge. Our HTTP/HTML based crawler is used to components quickly and to identify hidden components through forced browsing. A second integrated crawling engine then executes web pages in the same way a normal browser would. Any embedded scripts or components then able to run as intended whilst allowing full visibility to the discovery engine. If a modern web browser such as Google Chrome can access the application, NetScan can crawl it.

• Thorough assessment of all known web application vulnerability classes such as those defined within the OWASP top ten.
• Advanced detection of DOM based Cross Site Scripting (XSS) vulnerabilities through JavaScript taint analysis.
• Decompilation and static analysis of Adobe Flash files.
• HTML5 postMessage analysis. • Confirmation of discovered flaws through safe vulnerability exploitation

Identifying False Positives.

A false positive is where a vulnerability scanner indicates there is a vulnerability when in fact there isn’t one. Sorting through scanner results to determine which reported issues are real and which are false positive is a time-consuming process. To eliminate false positives, and to provide proof of concept evidence, NetScan employs safe custom exploit techniques to actively confirm discovered vulnerabilities.

Third Party Applications Download custom filtered results and view via HTML, Docx or CSV. NetScan includes a simple JSON data API for retrieving, aggregating, processing and reporting raw vulnerability data for use in third party applications.

Complex authentication schemes are supported when NetScan is supplied with the minimal information, such as a username and password pair. Optionally, a login URL may be provided to direct the scanner where to use the credentials and for scenarios such as single sign-on. The scanner may easily be adapted to support bespoke authentication schemes that require non-standard credentials or processes.

NetScan can provide comprehensive vulnerability assessment and analysis against remote hosts to determine if a misconfiguration exists that could allow an attack to get behind the application and into sensitive data.

Please call us to discuss any aspect of your IT Requirements on 0333 200 1636 or visit our website http://www.netshield.net to find out more about the ways that our expert support and advice will improve the health of your IT.

Advertisements

Take control with Endpoint Security

An IT network may have a Next Generation Firewall(s) in place to help keep out the malicious attacks but, it is advisable to have a layered approach to IT network security, like adding a layer of endpoint security.

Similar to Next Generation Firewalls, ‘Endpoint Security’ is an enhancement of traditional anti-virus as it is an all-in-one security suite where it will protect user devices (endpoints) on the network from viruses, worms, malware and offer security enforcement features and much, much more. Whereas anti-virus is designed simply too detect and destroy viruses and worms.

Why Endpoint? I hear you ask – Advances in technology has led to the changes in the corporate network demands i.e. increase usage of social media and employees working remotely, through the internet or different devices. So, it is becoming a critical element for corporations because it offers that extra layer of security by protecting the end-user devices and offer more control for the IT administrators to the IT network.

Some of the Advantages of Endpoint Security:-

  • Provides Security and Protection for devices
  • Central Management Control Console
  • Ability to Set and Enforce Security Policies
  • Web Content Control
  • Application Control
  • Email Protection and Encryption
  • Mobile Security
  • Anti-Virus and Malware
  • Etc.

But, you need to keep in mind ‘Endpoint Security suites’ features will vary depending on the brand. So, businesses need to decide which are the most important features and evaluate the different Endpoint offerings before deployment.

For advise on Endpoint Security Suites, contact us today.

Benefits of Server Virtualization

Virtualization comes in different forms where each one would offer businesses a range of benefits. By far ‘Server Virtualization’ amongst SME’s is the most popular because it allows companies to consolidate existing physical servers using virtualization products such as VMWare and Windows Virtual Server.

Some of the Benefits of Server Virtualization includes:-

  • Reduce capital expenses – by decreasing the number of physical servers, you will reduce hardware maintenance costs, energy consumption and save space.
  • Maximizing use of existing resources – Virtualization makes server administration more efficient, agile and less time consuming.
  • By segregating applications into their own ‘virtual server’ it can prevent the applications from affecting another application when upgrades or changes needed to be made.
  • Faster data backup and recovery as image-based backup and recovery will be faster than tradition methods.

By just virtualizing your IT network servers if can offer a more robust and flexible IT network environment compared to a physical infrastructure. For consultation on virtualizing your IT environment please feel free to contact us

The Different Types of IT Network Virtualization

IT network virtualization has been around for many years and gaining in popularity amongst SMB’s,  with many currently planning or deploying virtualization projects. It has also been found that over 40% of medium sized businesses have already virtualized their servers.

Within the virtualization market there are 2 main competing brands VMware and Microsoft Hyper-V, where both have their benefits. But, prior to choosing the software vendor a business must decide on what type of virtualization to proceed with and the objectives of the IT project.

There are 3 main types of IT Network Virtualization:

Storage Virtualization

Storage devices on the network like hard drives are consolidated into one place and managed by a central portal. This will allow network administrators to monitor resource levels available on the IT network and making it easier to manage day to day.

Network Virtualization

This is where a traditional IT network is transformed to a virtual network by combining both hardware and software resources within the IT infrastructure. The network administrator would then be able to share resources amongst the users, like dividing bandwidth into different channels. They will also be able to see the complete network in a management portal, which would help streamline processes and save time.

Server Virtualization

One of the most popular forms of virtualization – this is when virtual machines are created within physical servers but, the virtual machines will still appear to be in a separate space. Different tasks can then be assigned to different servers, allowing savings on processing power, cost and space while the administrator will still be able to diagnose and resolve issues quickly.

To find out how virtualization can help your business contact us today

Top 5 Advantages of Managed IT Services for Businesses

The reliance on IT systems has prompted a movement from traditional break-fix or reactive IT support to Managed IT services. ‘Reactive IT support’ or ‘Break-fix IT Support’ is when an issue arise within the network and the IT engineer is called. Whereas ‘Proactive’ or ‘Managed IT’ involves continuous monitoring and maintenance of an IT network so, an IT engineer can potentially resolve and prevent issues occurring with the system while the end-users remain productive and working.

Here are our Top 5 Benefits of a fully ‘Managed IT Service’:

1. Increase Productivity

By opting for a Managed IT service it can lower the risk and potential impact of IT failure on a business; because by continuously managing and monitoring an IT network the Managed Service Provider (MSP) can take a proactive approach and resolve certain issues prior to it affecting the end user. Also it can decrease the time from major network failure to issue resolution, as the MSP will have in-depth knowledge of the IT network already.

2. Reduce Overheads

Managed IT is a cost effective way for managing and dealing with an organisations business IT; as businesses would not require capital investment i.e. for in-house IT team but, only a monthly operational expense is required. With a managed IT service a business can leverage resources and expertise from the MSP for the length of the contract.

3. IT Expertise

By investing in a MSP for your company will have a team of IT experts with a wealth of experience and expertise to monitor and manage the business IT infrastructure. They will also be trained on the latest technology and be able to offer tailored recommendations based on the current condition of the IT network.

4. Reduce Network Downtime

By having regularly maintenance activities in place conducted by the MSP, it can help reduce the occurrence of unforeseen downtime or incidents and it will keep the business running smoothly. Also scheduled IT healthcheck reports generated by the MSP will also help with future IT resource planning.

5. Customisable SLA

Businesses can often customise a Managed IT Services package to suit the business needs and budgets. Service Level Agreements can be tailored to manage the whole IT infrastructure, certain devices or aspects of the network. The IT support included in the service can be the standard 9 to 5 or 24/7, there is a choice with managed IT.

A good Managed Service Provider can help nurture and grow your business by affectively managing your business IT. There are a number of benefits of Managed IT services that a business can gain from investing in it.

If you would like more information please feel free to contact us.