Overview:
The organization has been Iceland’s largest transportation company. It operates 50 vessels, 2,000 trucks and trailers and approximately 180 cold stores. It has an extensive branch network, with a total of 200 operational bases in 30 countries, employing approximately 14,500 people. Annual turnover exceeds EUR 1.450 billion
Business Needs:
The consulting engagement awarded to Cyber Security Practice to assess security posture of the organization’s central. hosting environment Infrastructure, monitor their internal network traffic and analyze the network and security, devices configuration of central hosting zone, service provider managed network devices and some of their another branch networks.
Problems and Challenges:
Bottom Security approach, where in the assessment would be done without access to the information. Engagement execution from the offshore location. The test setup at Iceland, whereas testing at offshore location, Monitoring of the traffic at central hosting environment, required coordination of IT infrastructure, vendors supporting infrastructure management. Security configuration review, security testing and monitoring elements planned to execute in 3 weeks of the Project
Solution:
The engagement plan was outlined into four phases:
- Configuration analysis of networking and security devices at secure zone or central hosting environment.
- Assessment and Infrastructure configuration review, Monitoring of the traffic at secure zone.
- Evaluation of the security posture of the firewall at location where large network behind like Atlas.
- Vulnerability Assessment of the central hosting environment.
Benefits:
- Identification and analysing vulnerabilities in network/security devices at central hosting zone.
- The traffic monitoring snapshots to know about their traffic pattern and help to restrict unwanted traffic from their network. T
- The analysis of network /security devices configuration to know about the stop or restrict unwanted services running on these devices.
- The analysis of network /security devices configuration to track the unnecessary access “any any” to the central hosting zone