Tutor HuntResources Network Security Resources
Securing The Enterprise With Enhanced Security Management Tool - Nessus
Abstract for a capstone project - Implementation of enhanced security management tool for an enterprise to secure its data.
Date : 20/01/2021
Author Information
Uploaded by : Sathiyapriya
Uploaded on : 20/01/2021
Subject : Network Security
Abstract Problem: With the increasing digital world practices, the number of
devices participate in the network and the number of devices to service and
support also gradually enlarged to a countless level. Parallelly the silent killers
vulnerabilities also getting increased and impacting many businesses because of
the lack of awareness about the vulnerabilities and periodic scans with
appropriate actions. Hence the periodic scan and detection of vulnerabilities
is important to ensure all the data, devices in the network are secure.This Project
plan and implementation is recommended for Somnet Corp, a fictitious US based
Infrastructure Consultancy services company. The company is strengthened with
5000 employees, 7000 workstations and 800 servers to provide the services to
clients. But the company is lacking much with security policies and the
periodic scans of the vulnerabilities which led to huge business impacts and
losses due to the poor security management. Plan: The suggested plan to secure the company is to deploy an
enhanced security management tool (Nessus Vulnerability Management Tenable
Security Center) to scan, detect and suggest the actions required to remediate.
Along with the security tool, the employees must also be provided awareness
about the vulnerabilities and trained with the actions to be taken to ensure
the physical vulnerabilities also addressed to secure the enterprise.Research Methodology: Before formulating the
implementation plan, the research on the existing logical and physical
vulnerabilities on the assets are assessed. Then the criticality of the actions
to be taken are categorized to design the policies and schedule scans. Finally,
the discussions with the stakeholders, employees are conducted to make sure the
proposed solution addresses all the security issues of the Enterprise.Implementation Proposal: The implementation process of the
proposed plan involves phase by phase steps as below:Phase 1: Planning This
phase works on Inventory checks, defining policies and scans, formation of
responsible teamPhase 2: Test Implementation This phase is designed
for Testing the Nessus installation, remediate actions on test machines Phase 3: Implementation
This phase is involved with Installation of Nessus on production with
configuration of policies and scans, followed by scanning and remediate actions
with risk analysisPhase 4: Review and
fine-tune the process This phase is responsible for re-scan check of
remediated machines and the updated training to the security team membersProposed outcomes: The outcome will result in the
secured network environment of the Enterprise with the periodic scans of
vulnerabilities in place with the Nessus tool and ensures the data and devices
will be free from vulnerabilities and secure enough to run the business without
impacts. Also, it will result in an easier and faster single management console
to take care of the security tasks throughout the network which all the above will
lead the company to next generation security model implementation to improve
the business with the reliable network security environment.
This resource was uploaded by: Sathiyapriya