Halestar   Thursday, November 20 2008
Network & Data Security Support
Halestar's HALO Assessment Services
HALO External Network Assessment Services

An external network assessment is an inward-looking snapshot of an organization's security vulnerabilities, as seen from public networks and other ingress points. The results of an external assessment will be a discovery list with interpretation, and specific recommendations for security improvements rated by importance. The results may include broader architectural recommendations, as appropriate.

External network security audits typically involve several activities:

  • Internal and external electronic scans of the network to identify specific vulnerabilities (automated penetration testing).
  • Manual inspection of the most troubling vulnerability candidates (manual penetration testing).
  • A paper review of the security architecture, including data security controls, access security, network security, public server security and change control.
  • Review of use of networks and data as they relate to business practices/business rules.

Automated penetration test tools scan networks, illuminating "interesting" hosts, gathering revision information and reporting on known vulnerabilities. Manual testing, a considerably more labor-intensive activity, will include vulnerability "proofing" whereby potential liabilities are explored and data are gathered. Both activities pose some risk of service interruption, though Halestar will attempt to minimize the risk. Both activities will take place in agreed-upon windows. Both activities will be staged from outside the organization's network.

Halestar will report critical information as it is found so that the organization can address security risks proactively.

Paper review of the security architecture and uses for the external network will take place at the organization or remotely, with the organization's pertinent staff. Subjects under review will be the placement and configuration of firewalls, VPN concentrators, content scanners, authentication services, databases and so on. Halestar will further examine the way the network is used from a business perspective.

The result is a document that describes findings, patch-fix recommendations, and security architecture advice. The findings will be prioritized by importance, taking into consideration the goals of the organization and its tolerance for risk.