CUSTOMER

The customer is a global communications hardware manufacturer.

CHALLENGE

New applications and software from partners, vendors, or internal development groups often contain new or proprietary communications protocols. These protocols could have vulnerabilities that would introduce security risks to the information systems and networks on which those protocols are in use. Without sufficient knowledge of how a protocol operates, critical infrastructure and confidential information could be at risk.

SOLUTION

SSO senior network architects implemented a set of customized protocol analyzers and created a centralized database of protocol details, network architectures, platforms, and the risks associated to each. For every scenario where a protocol passes a firewall boundary, the risks, proposed compensating controls, and supporting documentation is prepared, validated by a senior network architect, and presented to the customer's security team for review prior to enabling the new protocols for use on the organization's networks.
SSO maintains the database, and new requests for protocol analyses can be performed in SSO labs or on customer networks.

BENEFIT

With a centralized repository of protocol, application, service, host, architecture, and implementation details, and the expertise of SSO senior network architects, the risks associated to the use of any network application in any network architecture can be applied to a risk assessment in an expedient manner enabling an organization's internal security or networking personnel to make informed decisions on the most appropriate methods to protect their company's resources.