The IT environment, built by 3S Data Center, is based on a complex security system and is adapted to the user’s needs.
From the moment the system is implemented, 3S Data Center can manage the IT environment and take care of the highest and most up-to-date protection through 24/7/365 monitoring and proactive actions by a team of on-duty engineers.
When building security systems 3S Data Center uses its own solutions as well as commercial solutions, building unique hybrid solutions.
It should also be remembered that ‘security’ is not only physical security, but also system and network security, which we propose in the form of three variants of the vulnerability scanner service:
- Black-box scanning to public IP addresses:
The vulnerability scanner will scan the public address assigned to the client’s services. The scan will show possible vulnerability gaps that are certainly visible from the Internet site.
However, it does not give a complete picture of the threat as there may be Firewall, IPS, Web Application Firewall (WAF) devices protecting the target servers on which client applications/databases etc. are running.
- Gray-box scanning for internal IP addressing:
To perform the scanning, it is necessary to “bypass” all security features (Firewalls, IPSs, WAFs, etc.) in front of the servers. The aim here is to get a fuller picture of possible attack vectors. It is necessary to create an IPsec VPN tunnel, i.e. an encrypted channel for data transmission which will allow our scanner to enter directly into your LAN. Such a scan will provide more information about possible security vulnerabilities because it will also verify the vulnerabilities that the Firewall, IPS, WAF protected us from.
- White-box scanning: This scan gives a full picture of possible vulnerabilities on systems. Thanks to the IPsecVPN tunnel and access to operating systems (it is necessary to create temporary high privileged accounts of Administrator / root type, or prepare a set of SSH keys for Linux systems). The scanner is able to list the full list of software versions installed on servers together with a list of vulnerabilities revealed in CVE databases. Moreover, the configuration of the whole server is checked to identify possible threats.
After the scan is performed, a report is prepared on the risks identified together with recommendations.