Network Security Review

Network security is a critical component of any e-commerce system, especially internet gaming systems. It is very important that a high level of network security is maintained to protect user/ player accounts.

Network security review process is to assess whether there are adequate mechanisms and audit logs to protect the e-commerce system from un-authorized access. The main areas we focus are the following:

• Operating system hardening: Operating systems are not usually meant for operating in a high security environment. It may also have bugs. Proper configuration and installation of latest updates are necessary to harden the operating system.
• Network control devices: Firewalls and routers are the main network control devices that control access from/to the internal network. These devices need to be correctly configured to get the desired level of security.
• Network baselines: It is important to identify what is to be protected and then configure the network control devices accordingly. Network baseline is a listing of protected hosts and permitted access from/to these hosts.
• Physical security: Physical security of critical network components is also an important factor.

Network security review broadly aims to achieve the following:

• Identification of hosts to be protected
• Identification of network components to be protected
• Verification of operating system hardening on critical hosts and network devices
• Verification of access from/to critical hosts
• Creation of a network baseline document, that clearly establishes the above