FEDERAL SUPPLY SERVICE Federal Network Systems LLC - Verizon
FEDERAL SUPPLY SERVICE Federal Network Systems LLC - Verizon
FEDERAL SUPPLY SERVICE Federal Network Systems LLC - Verizon
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Security Services (Antivirus program, account management, domain management; Communications<br />
security; <strong>Network</strong> security (information assurance)<br />
<strong>Verizon</strong> Security Consulting Services. <strong>Verizon</strong>'s Security Consulting Services–also known as "packaged"<br />
security services – help companies quickly improve their information security environment in an effective,<br />
cost-efficient way. <strong>Verizon</strong>’s suite of security consulting services offers complete, end-to-end security<br />
solutions, including:<br />
• Executive Security Briefing. Executive Security Briefings help organizations understand potential<br />
threats to their information assets, and the risks associated with today's computing environments.<br />
These 2-hour presentations are free, value-added services for the first 100 requests on the latest<br />
security threats and solutions. They are delivered to CIOs, VPs, and Directors.<br />
• Genuity Questionnaire. Before work on a security implementation can begin, <strong>Verizon</strong>/ Genuity<br />
administers a required, in-depth questionnaire to help establish a baseline of a company’s existing<br />
security systems, policies, and infrastructure. Because the questionnaire is fairly detailed and many<br />
companies do not have the in-house resources to complete it, <strong>Verizon</strong> provides a security consultant to<br />
assist the customer.<br />
• Vulnerability Testing Services. <strong>Verizon</strong> analyzes customers’ information "insecurity," which consists<br />
of three levels of testing:<br />
- Basic Vulnerability Testing Service. Includes port scans and vulnerability scanning tools; the<br />
latest security methodologies and technologies; and testing of components from external access<br />
points.<br />
- Intermediate Vulnerability Testing Service. Includes the basic testing service, plus consultation<br />
from system component experts who evaluate current security posture, develop guidelines and<br />
recommend improvements, and conduct high-level (basic) penetration testing.<br />
- Advanced Vulnerability Testing Service. Includes the basic assessment, plus comprehensive<br />
(detailed) penetration testing.<br />
<strong>Verizon</strong> provides a number of assessment services, including a Silver level and a more comprehensive<br />
Gold level assessment, as well as host, firewall, and HIPAA assessments, as described below:<br />
- Silver Level Assessment. The Silver Level Assessment includes a basic, external port scan,<br />
physical security review, documentation review, and network architecture diagram review. After<br />
<strong>Verizon</strong> security experts carefully analyze this information, they create a written report, hold a<br />
second meeting to discuss the report and customer security concerns, and finalize a comprehensive<br />
security plan.<br />
- Gold Level Assessment. This security assessment includes the basic components of the Silver<br />
Level Assessment, including a basic, external port scan, physical security review, documentation<br />
review, and network architecture diagram review. <strong>Verizon</strong> security experts carefully analyze this<br />
information, create a written report, hold a second meeting to discuss the report and customer<br />
security concerns, and finalize a comprehensive security plan. The Gold Level Assessment also<br />
includes:<br />
- An advanced, external port scan of the network to identify services.<br />
- A vulnerability scan of the external network (maximum of five public access servers).<br />
- Basic Phone (modem) sweep of the network to search for unauthorized modems connected to<br />
the network<br />
• Host Assessment. A Host Assessment determines how the operating system provides security for the<br />
network. The assessment also includes a review of physical security and how it relates to IT security,<br />
and a procedural review of security procedures in place. Key components of the assessment include:<br />
- An onsite physical security assessment and interview with physical security staff.<br />
- An automated Operating System assessment that gathers data about the operating system, its<br />
security features, settings, and service pack levels.<br />
- Assessment of up to 10 servers (5 external and 5 internal servers).<br />
- A review of the client’s security procedures.<br />
- Written report of findings with recommendations