Halestar   Thursday, November 20 2008
Halestar's HALO Assessment Services
HALO Internal Network Assessment Services

An internal network assessment seeks to discover the vulnerabilities that could be exploited if a trusted resource, whether a person or a computer, is compromised or turns malicious. The auditor reviews host preparedness against worms or viruses introduced behind the firewall. Machines are inspected for openings that might allow a person to gain access to private information. The WAN and LAN are evaluated for firebreaks, and content security screening measures are scrutinized.

Internal network security assessments typically involve several activities:

  • Internal electronic scans of the network to identify specific vulnerabilities (automated penetration testing).
  • Manual inspection of the most troubling vulnerability candidates (manual penetration testing).
  • A paper review of the security architecture, including data security controls, access security, network security, public server security and change control.
  • Review of the use of networks and data as they relate to business practices and business rules.
  • Identification and evaluation of user access controls.
  • Evaluation of firebreaks and other internal network connectivity safeguards.
  • Evaluation of the network for content security protection against viruses and malware.
  • Evaluation of intrusion prevention requirements and deployments.

There are two schools of thought regarding prior knowledge in a penetration test. One holds that a test with no prior knowledge of the network gives a better-balanced picture of the network's vulnerabilities as they appear to an arbitrary outsider. The other argues that the more the assessor knows, the more he or she can examine. A prior-knowledge penetration assessment may further include logins to servers, or access to some safeguarded portions of the network.

Halestar believes that a prior-knowledge assessment gives a more comprehensive view and should be performed, even if it is preceded by a no-prior-knowledge test.

Automated penetration test tools scan networks, illuminating "interesting" hosts, gathering revision information and reporting on known vulnerabilities. Manual testing, a considerably more labor-intensive activity, includes vulnerability "proofing", whereby candidate vulnerabilities are explored and supporting evidence is gathered. Both activities pose some risk of service interruption, though Halestar will attempt to minimize that risk. Both activities will take place in agreed-upon windows, and both will be staged from within the organization's network.

Halestar will provide critical information as it is found, so that the organization may address security risks proactively rather than waiting for the final report.

The paper review of the security architecture and of the uses of the internal network will take place on site with the organization's pertinent staff. Subjects under review will be the security readiness of servers, access controls, and intrusion detection and prevention. Halestar will further examine the way the network is used from a business perspective.

The deliverable is a document that describes the findings, patch and fix recommendations, and security architecture advice. The findings are prioritized by importance, taking into consideration the goals of the organization and its tolerance for risk.