Assessment

Driftex offers a service for the vulnerability assessment of all IT infrastructure using a non-intrusive module to investigate the network in order to know about everything connected to the network, and a module to investigate the security in order to know external vulnerability, user behaviour, permissions, logins and much more.
Driftex provides the assessment activity using four different tools:

  • Network Assessment Module
  • Security Assessment Module
  • Exchange Assessment Module
  • SQL Server Assessment Module

Network Assessment Module comes with a complete set of reports that touches on the broadest range of systems, network assets, settings, configuration, installed applications and endpoint security. It also includes an Active Directory site diagram, and detailed information in an Excel format that you can manipulate or integrate into your PSA.
This module produces a wide array of powerful reports:

  • Client Risk Summary Report
  • Full Detail Report
  • Asset Detail Report
  • Excel Export Report
  • Change Management Report
  • BDR Assessment Report

Unlike any other IT assessment product, there are no agents, probes or software to install. The small executable scan files can run from a thumb drive plugged into any computer in the domain, and in most cases the scans can be completed in well under an hour. So while you’re walking around the prospect site, taking notes and making your pitch, the tool is diligently gathering a mountain of network data and saving it in a safely-encrypted file on your thumb drive. And when it’s done, it leaves no “traces” of your activity, no conflicts with other applications, no firewall issues, and nothing to remember to uninstall.

Network data collected by our scanners can only be unlocked and deciphered by the proprietary data analyser. Then, all the data is neatly organized, professionally formatted, and anything outside of industry norms and best practices is highlighted in red so you can quickly focus on the discovered issues. Each individual network scan is saved and archived for future reference and comparison. Our detailed Risk Scores go beyond just providing you with a single number on a scale. You also get the details behind the score, so you know what issues are generating the greatest risks, and a Management Plan to help you prioritize your resources in serving your organization.

Second module, the Security Assessment Module, adds another dimension by including external vulnerability, user behaviour, permissions, logins, deeper dive internal vulnerabilities (sold separately) and more. It includes a full set of security reports that focus on network and user-related security risks, and is designed to offer a basic Managed Security Service to all organizations. This report reveals which users have access to what systems, and what systems are configured with what permissions. This module also includes a powerful, integrated external vulnerabilities scan.

Img

The IT Security Assessment will consist of the following elements:

SECURITY RISK REPORT 
This executive-level report includes a proprietary Security Risk Score along with summary charts, graphs and an explanation of the risks found in the security scans.

SECURITY POLICY ASSESSMENT REPORT 
A detailed review of the security policies that are in place on both a domain wide and local machine basis.

SHARE PERMISSION REPORT BY COMPUTER 
Comprehensive lists of all network “shares” by computer, detailing which users and groups have access to which devices and files, and what level of access they have.

SHARE PERMISSION REPORT BY USER
Organizes permissions by user, showing all shared computers and files to which they have access.

OUTBOUND SECURITY REPORT
Highlights deviation from industry standards compared to outbound port and protocol accessibility, lists available wireless networks as part of a wireless security survey, and provides information on Internet content accessibility.

EXTERNAL VULNERABILITIES FULL DETAIL REPORT
A comprehensive output including security holes, warnings, and informational items that can help you make better network security decisions, plus a full NMap Scan which checks all 65,535 ports and reports which are open. This is an essential item for many standard security compliance reports.

ANOMALOUS USER LOGIN ACTIVITY 
Methodically analyze login history from the security event logs.  The report uses mathematical modeling and proprietary pattern recognition to highlight potential unauthorized users who log into machines they normally do not access and at times they normally do not log in. This report delivers a security professional focus and pinpoints a manageable set of logins to investigate. The alternative is a time-consuming, manual spot check that often misses the mark and is far less reliable.

Third module, the Exchange Assessment Module, provides a full scan of MS Exchange Servers and Office 365 instances to quickly get you all of the details of mailbox stats, users, shares, permissions and more – ideal for both Exchange migration projects and ongoing management. The Exchange Assessment Module gives you all of the tools needed to perform quick, easy, and comprehensive assessments for most MS Exchange environments, including Office 365, Exchange 2013, Exchange 2010, Exchange 2007, and Exchange 2003.

As with the other Network Detective modules, the true value of this offering is the fabulos, data-rich reports that you can quickly generale:

EXCHANGE RISK REPORT
is designed specifically to be a customer-facing document, this report provides a polished overview of any issues identified in the more detailed reports. Corresponding charts and graphs clearly communicate issues and serve as a graphical aide to help suggest remedial steps.
TRAFFIC AND USE REPORT
shows you the status of all mailboxes – their size limits, percentage used, and percentage free. This report is extremely useful when planning a migration or for growth planning to ensure that systems will continue to run without interruption.
MOBILE DEVICE REPORT
provides a detailed listing of every mobile device used by employees to access their organization’s mailbox. The report indicates the names and specific types of mobile devices that are accessing the Exchange server, as well as the operating systems and even the number of folders that are being updated.
MAILBOX DETAIL REPORT
gives you a mailbox-by-mailbox catalog of information, including everything from mailbox display name to quotas to a listing of folders/sizes for each mailbox (and more).
DISTRIBUTION LISTS
identifies and lists all distribution groups as well as which end-users or other groups are to receive any emails.

MAILBOX PERMISSIONS BY USER REPORT
inverts the information to show you on a user-by-user basis which users have access to which mailboxes. This report is a great way to document individual access rights.

Img

Last module, the SQL Server Assessment Module, completes the set with additional specialized reports for anybody responsible for maintaining SQL Server including DBAs. You will be able to properly manage the networks that have applications running on SQL Server, including SharePoint.

The tool is easy enough to use that non-DBA techs can quickly and easily run the scan and generate all the reports needed for maintaining and reporting the status of any SQL Server database. Yet the information delivered in the reports is powerful enough to give even the most savvy Database Administrator insights to assess potential threats and gauge the overall health of the databases BEFORE something critical goes wrong