What Does This Service Provide?
This service provides Vulnerability Testing and Reporting of your internet firewall and associated IP addresses. This includes a report for the block of IP addresses that your ISP has assigned to your place of business, up to 4 IP’s per location per device/router or branch office. Here is an example of the Vulnerability Testing Report. Here is an example of the Additional Notes we provide. Typically, if you have a business class DSL or Broadband service, your ISP will provide you with a block of 4 to 8 IP addresses per location or branch. Most often you only use 1 of those IP addresses, which is assigned to your firewall at your office. However, some firewalls can manage more than one IP address and can be configured to provide “additional services” to your internal network via these additional IP addresses and ports. We can test all of these IP addresses.
We provide you with a report that gives you a detailed view of the potential vulnerabilities at your point of access to the internet. This report identifies the ports that are open and any associated vulnerabilities, provides a description of the test, attempts to identify any potential services running, and provides a synopsis, description, additional resource links, possible solutions, and risk factors, if applicable, on those open ports. If a particular port or vulnerability is not reported, it is not considered a security risk.
What Can Be Done With This Report?
This report can be provided to your auditors to show your compliance with vulnerability and penetration testing requirements. The information in the report can also be used by your network/pc consultants/administrators to determine what vulnerabilities need to be addressed and/or corrected and/or closed on your internet firewall/router. We provide tech support for any questions related to the report and its contents. If your network administrator has a question about a vulnerability that was found, we will provide as much information about that item to help you understand what that vulnerability means and what you need to do if anything to protect your network from harm.
We use an Enterprise Network Vulnerability Product called Nessus from Tennable Network Security. Nessus is the world-leader in active scanners, featuring high speed discovery, asset profiling and vulnerability analysis.
Nessus Vulnerability Scanner Features
- The huge user base allows Tenable to get the best feedback regarding security checks – and therefore to offer security checks which are reliable, non destructive and not prone to false positives.
- The Nessus Security Scanner includes NASL, (Nessus Attack Scripting Language) a language designed to write security tests easily and quickly. NASL plugins run in a contained environment on top of a virtual machine, thus making Nessus an extremely secure scanner.
- The scanner allows us to choose between performing a regular non-destructive security audit and to throw everything you can at a remote host to see how will it withstands attacks from intruders. Many scanners consider their users to be too inexperienced to make that kind of choice, and only offer them to perform “safe” checks. We use the more thorough test procedures, performing more than 10,000 different vulnerability checks, to determine the full level of vulnerabilities of your firewall and internet access.
Cost of This Service
Most other companies performing this service will not provide their pricing upfront or on their website, we do. We are upfront about the costs and the amount of time we put into each report. How often should you have your external network tested? We feel you should have your network tested and reported upon at least Quarterly. Keep in mind that new vulnerabilities are discovered and introduced daily. The more often that you have your network scanned the more secure your network will be. However we do offer a one-time scan for those businesses that need a one-time assessment for auditing purposes.
Report Pricing is for a total of up to 4 IP addresses that are assigned to your business sequentially for one device, router, or firewall. Additional blocks of 4 IP addresses can purchased at an additional cost. Once we receive the signup form we will contact you to verify the information then forward to you another form to complete, sign, and fax back to us. If you prefer to pay by check, we will send you an invoice. Once payment is received, we will have the report completed and returned to you by the next business day.
Vulnerability Assessment Prices
| Service | Price |
|---|---|
| Single instance report – per office (includes 30 days email based support) | $199 onetime – includes up to 4 IP addresses and 1 device |
| Quarterly reports -per office (Save ~ 15% off Single Rate) (includes full year email based support) | $675/yr – includes up to 4 IP addresses and 1 device |
| Monthly reports – per office (Save ~ 20% off Single Rate) (includes full year email based support) | $1895yr – includes up to 4 IP addresses and 1 device |
| Additional devices/routers/firewalls/etc. – per office (TCPIP addresses for additional offices and devices are included in the 4 total TCPIP addresses, if total TCPIP addresses exceed 4 you will need to purchase an additional block of 4 TCPIP addresses.) | Onetime test: $149 per office/branch/device/router/firewall Quarterly tests: $525/yr per office/branch/device/router/firewall Monthly tests: $1325/yr per office/branch/device/router/firewall |
| Additional Blocks of 4 TCPIP addresses | 50% discount off above regular report prices. |
Click Here to Sign Up for Your Vulnerability Assessment Report or Call us today to get your network tested for vulnerabilities!
