You may have seen our previous post on getting a Cyber Threat Assessment in 5 easy steps, but what exactly does the final report look like?
Well, generally, the report is up to 15 pages in length and divided into 3 sections:
- Security and Threat Prevention
- User Productivity and
- Network Utilisation and Performance.
There is also a page on Vital Network Statistics and an Executive Summary with Recommended Actions. Lets take a closer look each of the 3 sections and what information you might find in these.
Security and Threat Prevention
This section looks at how effective your current network security solution is. It contains details on which application vulnerabilities may be attacking your network, any malware or botnets were detected and can even pinpoint “at risk” devices within your network. Some sample information on what you might see in the report is shown below (click to enlarge):
Many IT infrastructure managers are keen to have more insight into how applications and web resources are used within their network. This sections looks at how peer to peer, social media, instant messaging and other application subcategories are being used within the company network, for example how many users are using facebook, whether it is on a destop or mobile device, and how often it is being used during the day (click to enlarge):
Network Utilization and Performance
How should your network security solution be optimized for performance? Find out more about your throughput, session and bandwidth requirements during peak hours. During the asessment, the Fortinet appliance we use will collate extensive data on bandwidth usage so you can see usage when distributed over an average day, allowing you to better understand your organisation’s ISP connection and interface speed requirements. Bandwidth can also be optimised on an application basis (using throttling), specific users can be prioritized during peak traffic times, and updates can be rescheduled outside of working hours. (click to enlarge):