Network Device Reviews, A Less Common Assessment

One of the less common assessments that MicroSolved performs for our clients is a Network Device Review (NDR). These assessments are aimed at helping clients assess the current state of specific devices or system configurations and improving them. 

Common devices assessed via this service include:

  • Firewalls
  • Routers and switches
  • IDS/IPS deployments and configurations
  • Load balancers
  • Workstation and server install and image baselines
  • ICS & SCADA devices from back end to customer premise

This type of assessment is performed using a combination of automated tools and manual time with our security engineers. The methodology leveraged to perform the assessment is very similar to our other assessments, with the engineers doing detailed analysis of attack surfaces and evaluation of relevant controls. Reports follow a more technical path for these services, with a technically focused report set and a small management level summary, keeping the cost of these services significantly less expensive than our deeper pen-testing and fuzzing assessments.

Customers often use these services to perform spot validation or as a part of an overall hardening project to improve their security posture organically. To learn more about the NDR service, get in touch with your account executive or contact us via info (at) micro solved (dot) com for a free conversation about how the NDR can help your organization.

As always, thanks for reading and stay safe out there!

Cisco IPS Denial of Service

Cisco has released an advisory for IPS platforms, they are susceptible to denial of service attacks. The vulnerability is in the handling of jumbo ethernet frames. A specially crafted packet can cause the device to kernel panic, a power cycle is required to reset the device. However, if the device is deployed in promiscous mode, or does not have a gigabit interface, it is not vulnerable. For vulnerable devices, Cisco has released updates and a workaround. Install the updates, or disable support for jumbo Ethernet to mitigate this issue.