A vulnerability assessment shows the system's security posture with respect
to specific vulnerabilities. The vulnerability assessment closely examines
the network architecture. The network

The vulnerability assessment testing methodology used by Intellisat is
effective on both commercial and government network environments and has
exposed serious vulnerabilities on systems previously accredited for
operational use.

With increasing dependence on distributed networks, outsourcing of services,
and reliance on the Internet, a company becomes more vulnerable to security
breaches. Once the existence or potential existence of a security breach has
been detected, reaction time is critical.

A telephone call from a customer will focus Intellisat security engineers on
finding the security breach, recommending a fix, and working with the
customer or the customer's third-party representatives to secure the
breached system.

The goal of penetration testing is to determine if the protective controls
of a given host(s) and network can be bypassed. Penetration testing provides
evidence (sometimes to an unbelieving audience) that vulnerabilities indeed
are exploitable. It brings a dose of reality and intense focus to the
vulnerability assessment. Penetration testing is characterized as either
external or internal to the network. An external penetration test can be
conducted from the following views or combinations of views.

- Valid Account
- Zero Knowledge
- Full Knowledge

The penetration-testing methodology developed by Intellisat has proven to be
very effective in determining the exploitable characteristics of the
identified vulnerabilities in a given network or host system.

An asset is said to be at risk when a threat agent (hacker, disgruntled
employee, system user, natural event, structural failure, etc.) has the
ability to exploit an asset's vulnerability. It is widely recognized that
attempting to completely remove a threat agent or vulnerability is
impossible for many risk scenarios. Therefore, some form of risk assessment
must be undertaken to characterize the risk environment.

Risk assessments vary based on the system's lifecycle:

- Early stage system development requires analytical threat and vulnerability risk assessment.
- Implementation and integration of sub-systems require security testing and risk scenario hypotheses.
- Initial and on-going operational stage requires actual threat-vulnerability pairings.

From initial planning and concept stages to full operational status of a
computer/network security project, IT professionals may require more
in-depth expertise in security issues and processes than is normally
available on staff. Recognizing this need, Intellisat stands ready to
provide corporate and governmental IT staffs with technically competent
security engineers who pride themselves in working as an additional team
member for their customers.

Good security decision-making is based on an organization's security goals.
Security goals are communicated to managers, end users, and operations staff
through a security policy. A security policy is a documented and formal
statement of the governing rules that regulate how an organization manages,
protects, and uses assets. The security policy generally addresses goals,
objectives, beliefs, ethics, controls, and user responsibilities in the form
of high-level and generalized statements.

Intellisat works with designated customer staff to:

- Review existing security policies, both explicitly documented and implied
- Map policies into a customized Security Policy
- Train customer staff on Security Policy

Although each design process is unique to the customer, there are several
common elements.

- Analysis of security objectives
- Design of security architecture
- Placement of security products
- Data flow analysis
- Monitoring plans
- Testing design components for effectiveness against project objectives

The Security Design Report details the findings, recommendations and
manufacturer's part numbers (when appropriate). Design recommendations are
specific, including expected costs and benefits, and may include
recommendations on project objectives and security requirements.

Intellisat performs security engineering design work for large corporate and
government customers, including classified environments.

A sweep of the telephone address space is used to detect unauthorized modems
and authorized but insecure modems. These tests are also used to ensure
authentication systems are in place and to exploit any vulnerability that
may exist. A telecommunications sweep tests to see that no backdoor access
is available to the system or network.

The methods and procedures Intellisat uses in a telecommunications sweep
have proven effective in verifying the existence and status of modems
connected to the network and/or host systems.