Internet Sentinel scans your critical assets daily and requires no installation, no hardware purchases, no software development, no security expertise and no special training. One time assessments are also available.

There are Three Distinct Components of the Internet Sentinel Program

1. Internet Security Review
Organizations interested in participating in this program may be initially reviewed to ensure that a commitment to internet security best practices in the spirit of ISO/IEC 27002:2005 is being followed.

Areas reviewed in this initial procedure include:

• Risk assessment and treatment
• Security policy
• Organization of information security
• Asset management
• Human resources security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development and maintenance
• Information security incident management
• Business continuity management
• Compliance

2. Daily Vulnerability Health Check

The Internet Sentinel Knowledge Base Scanning Engine uses its up-to-date database to test for all known vulnerabilities on firewalls, Web servers, mail exchangers, UNIX and NT servers, workstations, desktop computers such as PC and Macintosh, printers, and other network appliances.

The Internet Sentinel knowledge base is constantly updated. On average, the Internet Sentinel team adds more than 10 new vulnerabilities to the knowledge base each week. Currently, Internet Sentinel scans and audits more than 300 different applications on 20 different platforms and operating systems. Multiple sources are employed in updating the knowledge base, including Bugtraq (a list of new vulnerabilities published and updated by Security Focus, Inc.), hacking sites monitored by Internet Sentinel, and the research of our own security engineers.

3. Comprehensive Reporting

After each scan, the network administrator receives an e-mail message identifying the total number of vulnerabilities. With a single mouse click, the administrator can then access a detailed report of each scan.

Internet Sentinel generates graphical, easy-to-understand web-based reports that summarize the security of your network devices. The reports include summary information about the scan, general information about the network, specific information about each host, and a list of detected vulnerabilities. Internet Sentinel also generates a CIO/Executive View report, containing a global view of the security level of all networks and IP addresses.

The vulnerabilities report serves as a diagnostic tool for network administrators. For each detected security hole, the report presents a description of the vulnerability, the severity of the vulnerability, the potential consequences of an attack, and recommended solutions to fix the vulnerability. The report also offers URLs containing related documentation and sources of additional information when available. It will also provide resources to obtain related documentation and updates in the future. Internet Sentinel reports all detected vulnerabilities, regardless of whether a vendor-provided solution is immediately available.