Network Audit & Technology Check-up

network | Full Spectrum Computer Services

Tired of Technology Problems That Keep Coming Back?

If you’re wasting your time dealing with slow, unresponsive technology, missing or lazy tech support, and repeat issues, it’s cutting into your productivity and profitability. Whether you have an immediate need or just want a second option, our deep-dive network audit services will reveal hidden problems, security vulnerabilities, and other issues lurking on your network.

 

Network Audit

Is It Really Free?

In the past, we’ve reserved our network audit services for clients on our Managed IT platform, allowing us to find, diagnose, and resolve issues before they turn into disasters. For everyone else, we used to charge for the service. However, due to the increasing number of threats that Oshawa businesses face, we’ve decided to make this valuable service available to any business absolutely free.

 

While there’s no obligation, we do hope that this will give us a chance to show your business how working with Full Spectrum Computer Services is different than any other tech support company. You’ll get to experience the level of detail, professionalism, and comfort that your organization deserves.

 

What is a network audit?  We work together alongside you and your staff where we “take a look under the hood” of your business technology environment.  After this, a network audit report is generated and we go over it line by line explaining to you what is right with your network and what is wrong.

 

Here are a few items included in the Network Audit Report:

  • Diagnose slow, unstable PCs
  • Look for hidden conflicts and problems on the network that could turn into bigger issues
  • Failing hardware
  • Viruses, spyware, and other security risks that may allow hackers and other threats into your network
  • Updates to software and security patches
  • The integrity of your data backup solution
  • A comprehensive review of technology
  • Employee Desktop Computers
  • Applications and licensing
  • Email Hosting and Internet Access
  • Vendor Contracts and Costs
  • Cloud Storage and Backup
  • Backup and Security
  • Servers and Desktops
  • Networking Equipment
  • Phone Systems and Telephony
  • Human Resources

Free Network Audit

This is a no-obligation, risk-free assessment.

 

We don’t believe in pushy salespeople. We just feel that local Ontario businesses should experience enterprise-level IT support.

Start doing IT the proactive way with Full Spectrum Computer Services.

 

To get started, fill out the form or, for a more personal touch, reach out to us at: 289-201-5911.

    Free Network Audit Process

    We would like to meet with you to gain an understanding of any concerns or requirements you may have.

    If you are comfortable with us installing a small piece of software on each computer, this can normally be done from the server without any interruption to the user.

    Our software will then gather the required data, enabling us to create a simple report to give you an overview of your existing IT infrastructure.

    Once we have this data, we will arrange another meeting with you to discuss our findings.

    When we have completed the audit we will uninstall our software from your network

    network | Full Spectrum Computer Services

    Network discovery consists of the processes Qualys performs to identify each device that resides on your network. The result of the network discovery process is a map of all devices found. This map can be viewed in graphical or text format. In particular, the network map depicts:

    • Network topology
    • Access points to the network
    • Machine names
    • IP addresses
    • Operating Systems
    • Discovered services, such as HTTP, SMTP, Telnet, etc.

    The network map can be downloaded in multiple formats, including PDF, ZIP (HTML), XML, MHT and CSV. Qualys also provides a tool for importing a network map from XML to Microsoft Visio.

    Full Spectrum Computer Services uses a unique inference-based scan engine to find vulnerabilities. Each scan begins with a pre-scan module which accurately fingerprints a host. The fingerprinting is performed by sending a series of specially crafted packets to the host and by interpreting the results.

     

    Full Spectrum Computer Services is able to, with a degree of accuracy exceeding 99%, identify the host operating system, services running and ports opened. Once this information has been captured, the inference-based scan engine selects only the appropriate vulnerability checks to run, runs them, and interprets the results. This approach, consisting of the pre-scan and the inference-based scan engine, accelerates the scanning process, minimizes traffic load on your network and touching your systems, and improves overall accuracy.

    Full Spectrum Computer Services assesses the security risk of all networked, IP devices. This includes all routers, switches, hubs, firewalls, servers (all common operating systems), workstations, desktop computers, printers, and wireless access devices.

    Full Spectrum Computer Services scans for more than 20,000 vulnerabilities across hundreds of applications and operating systems.  Full Spectrum Computer Services maintains the industry’s most comprehensive Vulnerability Knowledgebase. New vulnerability signatures are added to the Qualys Vulnerability Knowledgebase every day. These signature updates are seamlessly made available to all FSCS users automatically. Also, to further promote the FSCS high standard for accuracy, a complete Vulnerability Knowledgebase regression test is performed each time the Knowledgebase is updated.

    For each vulnerability detected, Full Spectrum Computer Services reports detailed information, including:

    Host Information: IP address, hostname & Fully Qualified Domain Name (where available), operating system, and asset group(s).

    Vulnerability Information: vulnerability severity, description of the threat posed by the vulnerability, recommendation for correcting the problem (including links to vendor sites), and the result, if available, which shows how FSCS verified the vulnerability. These fields can be customized for every signature in the Qualys Vulnerability Knowledgebase.

    Full Spectrum Computer Services reports can be customized so the user only views and/or prints the vulnerability assessment data that is of interest to them.

    Yes.

    Full Spectrum Computer Services scans are completely customizable. Users can choose to run vulnerability scans either on demand or on a scheduled basis. Each scan can be set to run every applicable vulnerability check (as determined by the inference-based scan engine) or a scan can be performed looking for a subset of vulnerabilities. Further, scans can be run against a single IP address, a group of assets, a subnet / network range, or against an entire network and/or domain.

    Several customization options are available. When running a scan, the following settings can be tweaked to meet any specific need:

    • TCP ports scanned
    • UDP ports scanned
    • Load balancer detection
    • Performance settings
    • Authentication

    Users can customize vulnerability scoring within FSCS by using the Common Vulnerability Scoring System (CVSS) support. CVSS is an industry open standard designed to convey vulnerability severity and risk, allowing corporations to take into consideration their own security metrics.

    User customizable scoring is based on three criteria:

    • Base – Fundamental, unchanging qualities of the vulnerability
    • Temporal – Time dependent qualities of the vulnerability
    • Environmental – Implementation and environment specific qualities of the vulnerability

    Full Spectrum Computer Services is designed to minimize both the audit time as well as the network bandwidth it uses. Thus, its impact on network traffic load is minimal. In addition, if FSCS detects that the target host or network performance deteriorates during a scan, Full Spectrum Computer Services will adapt dynamically and reduce the scan speed.

    FSCS allows for a variable bandwidth load (low, normal, high, or custom) on the machines being scanned.  Full Spectrum Computer Services closely monitors the time-response (through RTT, response-time tests) and dynamically adjusts the load according to the selected setting. Furthermore, Full Spectrum Computer Services will only run the vulnerability checks appropriate to the type of machine scanned (for example, no test specific to Windows operating systems will be run against a Linux machine).

    When Full Spectrum Computer Services tests for a Denial of Service (DoS) vulnerability on a host, it sends specially crafted packets that are designed to not impact the host availability. By analyzing the host’s response, Full Spectrum Computer Services can determine if the host is vulnerable to a DoS attack without flooding it with traffic and causing a service interruption.

    An additional method to verify that a host is susceptible to a DoS attack without jeopardizing the host’s stability is by using authenticated scanning. User credentials can be leveraged to perform authenticated audits against hosts which allow for deeper assessments of the devices. FSCS supports Windows, UNIX (via SSH, Telnet, and/or rlogin), SNMP authentication methods.

    Most vulnerability assessment tools require passwords or manual configurations to scan databases. In contrast, Full Spectrum Computer Services detects and audits databases, including PostgreSQL, Oracle, SQL Server, MySQL, & Sybase, without requesting any credentials or configuration information. FSCS searches for vulnerabilities or erroneous configurations that may lead to information leaks, theft of data, or even intrusion and denial of service attacks, all without authenticating to the database.

    Full Spectrum Computer Services also supports Oracle authenticated scans to perform even deeper audits of the configuration settings of an Oracle database.

    Firewalls are essential to network security.

    Full Spectrum Computer Services tests the effectiveness of firewalls plus applications and services that are naturally accessible through firewalls, such as Web, FTP, and mail services.

    Yes. Full Spectrum Computer Services is capable of identifying viruses, backdoors, worms, trojans, and other malicious applications using a variety of techniques. Each malicious application has a unique footprint left on infected hosts. FSCS is able to find these viruses, worms, backdoors, and Trojans by sending specially crafted packets to the assessed hosts and analyzing the response. In addition, by making an inventory of every open port, both TCP and UDP, on the hosts scanned and identifying the service listening on the open port, Full Spectrum Computer Services is able to verify the presence of a malicious application. FSCS is able to use authenticated scanning to determine malicious software on a host even if it has not listening service.

    Yes. Full Spectrum Computer Services automatically detects if a system is SNMP enabled during host discovery. The inference-based scan engine then attempts to access the SNMP information base. If successful, the SNMP information tree will be displayed in the scan report. Further, the method used to “walk” the MIB will be returned (for example, public / private / default community string, an easily guessed community string, etc.). FSCS also provides a deeper audit option through the use of the SNMP authentication feature which allows users to specify specific community strings to audit against in their environment.


    Network Audit