External penetration tests are conducted remotely and reflect the attempts of Internet hackers to break into your network.

A Network Penetration Test begins with a comprehensive analysis of publicly available information about the target. Next is a network enumeration phase, where target hosts are identified and analyzed. The behavior of security devices, such as routers and firewalls, are analyzed. Vulnerabilities within the target hosts are then identified, verified and the implications assessed.

Network Penetration Testing can be performed as either White Hat or Grey Hat test. White Hat testing is performed with knowledge of the client network IP addresses and configuration based on information provided by the client, and is used to determine what external vulnerabilities exist on the network. A Grey Hat test takes this a step further, with LockNET security engineers not only identifying vulnerabilities, but also demonstrating that they have the ability to access your network.

Penetration testing of your network perimeter is recommended at least once per year, and after you have any major reconfiguration or expansion of your network.

Key Features of LOCKNET Network Penetration Testing:

• A formal process which includes the following phases:

  - External information gathering of the network
  - Enumerate and identify perimeter devices
  - Perimeter information gathering
  - Assess vulnerabilities of perimeter devices and ports
  - Report generation

• Identifies open ports and resources that are exposed to determine if your security investments are actually detecting and preventing attacks.
• Customized reporting, with limited false positives, delivered in protected PDF format that can be shared with auditors and other parts of the organization.
• Trend reports can be generated from multiple scans
• A vulnerability risk rating is assigned to each vulnerability, as well as an overall risk rating for each penetration test performed (based on Common Vulnerability Exploits [CVE] standards)