The reports are written in plain English. Where relevant, the reports explain security vulnerabilities that are found along with ratings for how potentially dangerous they are. The following reports are currently available:
Configuration Reports: We analyze the configuration of your device and present it an accessible and ordered way.
Comprehensive Security Audits: We will process the configuration, analyses it for security weaknesses, and once again present it clearly to you. Security vulnerabilities will be graded according to the risk they pose to the organization, the ease of exploiting the vulnerability and available remediation.
Vulnerability Audits: When firmware/operating system information is provided by the user (for example, a ‘show version’ command is run when the configuration is collected), We will report on known vulnerabilities based on the OVAL and NVD repositories.
Compliance Reports (against a variety of standards): We can report your compliance with the following standards: Center for Internet Security (CIS) Benchmark, Security Technical Information Guide (STIG) Compliance, PCI-DSS Audit and SANS Compliance.
Change Tracking: Where raw configuration or security audit reports are run, We can deliver the result as an XML file for later comparison against another raw configuration or security audit report on the same device.
Raw configuration details: Where possible, we will decode configuration files (if required) and output the results in a human readable form.
Filtering Complexity: Network security device audit reports will highlight conflicting, redundant and overlapping rules and will notify you where thresholds for a given device or group have been exceeded.
Most customers choose to manually retrieve their device configuration files and provide them for audit so we do not need to touch the network, do support network based collection of configuration files for some of our most popular supported devices. Once collated, the configuration files are audited by our SynergyIT Audit team and one or more reports are created and delivered in less than 24 hours. This process is not a scan of the network. It does not create any network traffic by default. It is a configuration analysis audit exercise and it will significantly aid you in hardening infrastructure security, or as part of a