Network-/ Security Infrastructure Testing

Check the security of your IT infrastructure - comprehensively and with precision.

In addition to all other established measures such as firewalls, network zoning, endpoint detection and response (EDR), BCM/ITSCM plans and concepts, (ISO) audits, and others, penetration tests and security assessments are of central importance in your IT infrastructure. They provide clear insights into whether there are any known or, in some cases, previously unknown vulnerabilities in your infrastructure. This is thoroughly tested by specialists using a standardized and structured approach in network/security infrastructure tests.
Get a quote now

Our Network-/ Security Infrastructure Testing Services

Web Security/Vulnerability Scan (Network/Infrastructure)

A security scan, also known as a vulnerability scan, is suitable for on-premise infrastructures, in the cloud or even in hybrid scenarios. In particular, it can help identify vulnerabilities on a large number of systems, in entire networks, network segments or individual IP address ranges. In addition, a discovery scan can uncover systems and/or services that have not been inventoried, and even misconfigurations in firewalls can be detected.
For vulnerability scans, automated test software is used, which is parameterized by our specialists according to your needs. Mainly unprivileged scans and, if required, privileged scans are carried out to uncover generally known vulnerabilities on a large number of systems in a short time. Depending on the number of systems and the risk assessment, a subset of the results can be further analyzed manually.
Oneconsult offers both scans over the Internet to simulate an external attacker, as well as from internal networks to identify vulnerabilities that can be exploited by an internal attacker. The tests can be carried out remotely (with appropriate access to the relevant networks, for example via VPN) or on-site.

System Penetration Test

Within the network and security infrastructures, Oneconsult tests various systems and components in order to check for vulnerabilities and their particular security aspects. These systems include, for example, network switches, network management consoles, virtualization solutions, IDP and IPS systems, backup solutions, system and configuration management solutions, IAM systems, and other solutions. The procedure is based on security scans; the depth of testing and the tools to be used are specially selected depending on the test object. In addition, you will be shown whether the configuration of the systems can be manipulated and whether the protocols or encryption algorithms meet current requirements.

Firewall Security Assessment

Firewalls are the most obvious components of IT security infrastructures. Nevertheless, configurations or rulesets often do not, or perhaps no longer, meet expectations. “Historically grown” access control rules, increasing complexity due to hybrid scenarios, and often unclear allocation of responsibilities can lead to undiscovered loopholes for cybercriminals.  With the firewall security assessment, you gain an overview and potential security gaps, or misconfigurations are uncovered. Oneconsult uses automated tests, manual analyses, collaborative configuration checks, and concept reviews (target-actual comparison) to assess the effectiveness of your firewalls, product-independent and with a focus on security.

Wireless LAN Security Assessment (WLAN)

Wireless networks are now indispensable and highly exposed, as attackers usually do not need to be physically present on company premises or in the building to connect to an access point. This makes it all the more important to implement appropriate measures to prevent unauthorized access and connections. During the WLAN security assessment, your wireless networks are analyzed according to IEEE 802.11 standards and their use with hardware and software-based scanners, rogue access points, and configuration reviews. Authentication and encryption are just as important as client-side configuration and the handling of access information.

Email Security Assessment

Cybercriminals continue to use simple emails as a gateway to prepare cyberattacks. Therefore, the email infrastructure must be specially protected and configured accordingly, and email security measures must be regularly adapted to current threat scenarios. Spam, malware, and content filters are now standard, but many other measures are still needed to maintain the highest possible level of security in this area. Whether on-premise email systems (e.g., MS Exchange) or cloud-based (e.g., Exchange Online/M365), Oneconsult's specialists check the configuration and effectiveness of the implemented protective measures end-to-end. You will receive specific recommendations for improving your security. In addition to the email security assessment, which primarily checks the mail infrastructure and the mail clients used, please also note the offers in the area of phishing or spear phishing and awareness campaigns.

VoIP / UC Security Assessment

Communication via VoIP or Unified Communication (UC) solutions is standard today, but also very exposed. Eavesdropping on telephony has always been popular and is still possible today, often due to faulty configurations. The VoIP/UC Security Assessment offers a comprehensive evaluation of your systems by analyzing and evaluating network traffic, protocols, log data, and other data. Additional configuration reviews and automated tests identify and evaluate exploitable vulnerabilities and misconfigurations. Oneconsult is vendor-independent and focuses on validating whether implemented hardening and security measures are effective or advising you on the security relevance of configurations.

Remote Access Security Assessment

Remote access is widely used in various forms. As practical and necessary as these access methods are for accessing your internal and sometimes highly sensitive systems and data, they are also popular with cyber attackers. Security is therefore of central importance in remote access solutions.
A remote access security assessment helps you to verify that authentication, authorization and encryption meet the highest standards and cannot be circumvented or manipulated. A great deal of attention is also paid to whether unauthorized access to applications and systems is possible by exploiting the remote access solution (lateral movement, privilege escalation, etc.). Automated tests, but above all individual manual analyses and configuration reviews are carried out. A precise definition of the test object and the test depth during scoping and at the kick-off is essential, as the boundaries (client – remote access infrastructure – authentication solution – target systems – end applications, etc.) are not clear-cut and depend on the complexity of the infrastructure. The specific issues that need to be clarified can also vary greatly. 

Our statistics confirm this

Companies around the world rely on our expertise every day. This is confirmed not only by our long-standing customers but also by our statistics.
Cyber Security Projects
0 +
Incident Response Operations
0 +
Security Consulting Projects
0 +
Red Teaming Projects
0 +

Secure Network & Security Infrastructure with Confidence

Our Network & Security Infrastructure Testing uncovers vulnerabilities, misconfigurations, and risks in your on-premises, cloud, or hybrid networks. We assess firewalls, switches, remote access, virtualization, and email/VoIP/UC systems, providing practical recommendations to reliably secure your infrastructure.

Get a quote now

Get a Network- / Security Infrastructure Testing quote now

Oneconsult Insights

Browse through exciting articles, the latest news and helpful tips & tricks from our experts on all aspects of cyber security.
Go to blog
Cybersecurity

Windows 11 Hardening With Intune: Methods and Recommendations for a Secure Environment

Attack Simulation / Red Teaming

Password Spraying: Procedure, Risks, and Protective Measures

Attack Simulation / Red Teaming

Purple Teaming: How to Strengthen Your Organization’s Cyber Resilience With Attack Simulations

Digital Forensics

Analyzing Bitcoin Addresses: How to Detect Cyber Fraud Early On

Incident Response

PDF Phishing: How To Protect Yourself Effectively

Cybersecurity

Perfect 10: Discovery of Critical IBM AIX NIM Vulnerabilities (CVE-2024-56346 & CVE-2024-56347)

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

  • What and who is affected?
  • Who discovered and reported the incident?
  • How and when was the incident noticed?
  • What did you observe?
  • What are you concerned about in connection with the incident?
  • What actions have already been taken?

For more information about our DFIR services here:

QR_CSIRT_2022_EN@2x
Add CSIRT to contacts

Don’t miss anything! Subscribe to our free newsletter.