Obtain an accurate understanding of your security and risk posture, while ensuring compliance with industry regulators and information security best practices.
Because of its nature and medium, wireless networks are inherently less secure than wired networks. From rogue access points to weak encryption algorithms, threats to wireless networks are unique and the risk the technology poses can be significant. For this reason businesses must be cognizant of the security implications an unsecured wireless network can have on an organization. Praetorian's wireless penetration testing and assessment services help businesses evaluate the security of their wireless implementations and provide recommendations for improvement.
Praetorian's wireless security testing focuses on enumerating and verifying potential attack vectors and threats to your organization's wireless infrastructure. The wireless security review is compromised of the following three phases: 1) Wireless architecture review, 2) Wireless configuration review, and 3) Access point discovery.
Wireless architecture review: Praetorian will begin the wireless security review with an examination of the wireless architecture and how it relates the wired network environment. Major points of interest will be appropriate segmentation of the two technologies and access controls enforced for various privilege levels within the organization.
Wireless configuration review: Once Praetorian has obtained an understanding of the wireless network architecture and how it related to the wired network, Praetorian will conduct a configuration review of both a wireless client and wireless access point.
Access point discovery: Praetorian will first attempt to identify and document all your organization's wireless access points. Praetorian will accomplish this by using powerful Ubiquiti and/or Yellowjacket devices to physically comb both the interior and exterior of all buildings for wireless signals. The purpose of the discovery phase is to identify points of exterior signal bleeding, inventory authorized access points, detect rogue employee access points, and create a structured plan for the wireless security assessment and wireless penetration test.
Upon completion of the assessment Praetorian shall provide a single electronic report deliverable. The report will provide an analysis of the current state of the assessed security controls. The analysis will identify areas that need to be resolved in order to achieve an adequate level of security. The detailed contents of the deliverable are described below.
The report deliverable will include the following high level sections in a format suitable for management:
The report deliverable will also include the following in-depth analysis and recommendations for technical staff to understand the underlying risks and recommendations: