Network security is hot and it's hard to imagine a world without security nowadays. Every now and then we read stories in the news about companies that got hacked, stolen creditcard information, defaced websites or unreachable servers.

To have a secure network it's not enough to place a firewall at the outside of your network, patch some servers and believe the threat only comes from the internet. To give you an example of some of the security aspects you need to think about we'll use the OSI-model. This model describes a network in different layers:

I will describe all layers of the OSI-model, and what you need to think about when we look at security:

• Physical: We are talking about "hardware" here. Where are your servers located? Are they accessible by non-employees of your company? Is it possible to tap a network cable and get access to your network? Where are your back-up's stored? Are you using a wireless network which might be easy to disrupt?
• Data link: The best example of the data layer is Ethernet which we use to build local area networks (LAN). Are your switches secure? Examples of attacks at the data link layer are ARP Poisoning, MAC address flooding and disrupting the spanning-tree topology. When we look at wireless networks you can choose for WEP, WPA or WPA2 encryption. WEP is known to be insecure but even WPA or WPA2 are hackable.. is your network secure?
• Network: The network layer includes IP addressing. Are your routing protocols like EIGRP or OSPF secure? Your operating systems like Windows Vista/7 are running IPv6 natively, but are they protected by firewalls?
• Transport: Here we talk about protocols like UDP, TCP and ICMP. Is your network safe against TCP SYN flood attacks and alike?
• Application: Is your software secure? Do you have patch management to keep your servers and workstations up-to-date? Don't forget to think about the applications that you are using in your network.

Besides looking at the technical part, you also need to pay attention to the following network-related security aspects:

• Users: Social engineering or 'people hacking' is  a very effective method to gain information and/or access to your network. Are your users trained to counter social engineering attacks?
• Organisation: Strong security starts with a good organisation policy. You need a security policy which describes all security related aspects like patch managenemt, actions to take when security breaches occur and so on.

When you let me scan your network, this is what I am offering you:

Complete scan of your network of all the layers in the OSI model.

Document with all the test results.

Recommendations how to increase your network security.

User training to increase security.

After 3 months a 2nd security scan for free to check your current security level.