Marco
UnifyIT
Assessment
Findings
Review
marconet.com
Overview
Network Overview
Vulnerability Slide
Security
RISK & COMPLIANCE SCORES
Vulnerability Slide
SECURITY
Vulnerability Slide
SECURITY Security
• Review users not logged in for 30 days
• Remove unneeded disabled users
• Review computers not logged in for 30 days
Vulnerability Slide
SECURITY
Security
• Review and address vulnerabilities
Vulnerability Slide
Security
Security
• Install the Windows 10 security updates
• this may require a manual process
• Install third party patches
Vulnerability Slide
SECURITY
Vulnerability Slide
SECURITY
Security
• Review ‘High’ scan alerts
• Continue monitoring external scan results monthly or quarterly Vulnerability Slide
Antivirus
Antivirus
Antivirus
• Install antivirus on all PCs and servers
• Enable firewall protections on all PCs and servers Vulnerability Slide
Network
NETWORK INFRASTRUCTURE
Concern Impact Recommendation
Devices on old or unstable code
versions
Increased vulnerability to bugs and
security vulnerabilities
Upgrade code versions to most recent
stable versions
Current network equipment is End of
Life or End of Support
No future enhancements to network
functionality, loss of productivity and
security
Replace or budget for replacement
Quantity Model # Serial Number
End of Sale
(Model)
End of Vulnerability
Support (Model)
End of Hardware
Support (Model)
Support Contract
Status? (Device)
Software
Version
Software Version
Date
Upgrade To (current
software version)
Current Software
Date
1 Cisco 2960X-24PS-L FJC2226W0EW TBA 2025+ 2025+ Covered 15.2(2)E7 7/14/2017 15.2.7E1(MD) 4/14/2019 1 Cisco 2960X-48LPS-L FJC2224W00L TBA 2025+ 2025+ Covered 15.2(2)E7 7/14/2017 15.2.7E1(MD) 4/14/2019 1 Cisco 2960S-48TS-L FOC1708X1XS 11/6/2015 11/5/2018 11/30/2020 Not Covered 15.0(2)SE4 7/1/2013 15.2.2E9 (MD) 9/11/2018 2 Cisco 2960S Switch 11/6/2015 11/5/2018 11/30/2020 15.2.2E9 (MD) 9/11/2018 1 Cisco ME 3400E 10/3/2018 10/2/2021 10/31/2023 12.2.60-EZ15 (ED) 5/24/2019 Network Switches
Asset Management Slide
NETWORK INFRASTRUCTURE
Insecure listening ports (10 pts each)
Current Score: 10 pts x 32 = 320: 5.16%
Issue: Computers are using potentially
insecure protocols.
Recommendation: There may be a legitimate
business need, but these risks should be
assessed individually. Certain protocols are
inherently insecure since they often lack
encryption. Inside the network, their use should
be minimized as much as possible to prevent
the spread of malicious software. Of course,
there can be reasons these services are needed
and other means to protect systems which listen
on those ports. We recommend reviewing the
programs listening on the network to ensure
their necessity and security.
Insecure listening ports (10 pts each)
Current Score: 10 pts x 32 = 320: 5.16%
Issue: Computers are using potentially
insecure protocols.
Recommendation: There may be a legitimate
business need, but these risks should be
assessed individually. Certain protocols are
inherently insecure since they often lack
encryption. Inside the network, their use should
be minimized as much as possible to prevent
the spread of malicious software. Of course,
there can be reasons these services are needed
and other means to protect systems which listen
on those ports. We recommend reviewing the
programs listening on the network to ensure
their necessity and security.
Network
• Disable insecure listening ports
Firewall
FIREWALL
Concern Impact Recommendation
Devices on old or unstable code versions Increased vulnerability to bugs and security vulnerabilities
Upgrade code versions to most recent stable
versions
Current firewall equipment is End of Life or
End of Support
No future enhancements to network functionality,
loss of productivity and security
Replace or budget for replacement
Quantity Location Model #
End of Sale
(Model)
End of Vulnerability
Support (Model) Software Version
Software Version
Release Date
Latest Version
Available
Release Date of
Latest Version
1 Server Room Sonicwall NSA 3600 TBA 2025+ 6.2.6.1-25n 11/2/2016 6.5.4.3 5/7/2019 1 Server Room Sonicwall NSA 3600 TBA 2025+ 6.2.6.1-25n 11/2/2016 6.5.4.3 5/7/2019 1 Server Room Sonicwall NSA 220 8/15/2015 8/16/2020 5.9.1.10 10/25/2017 1 Copenhagen Office Sonicwall TZ400 TBA 2025+ 6.5.4.3 5/7/2019 1 London Office Sonicwall TZ400 TBA 2025+ 6.5.4.3 5/7/2019 Firewalls
Asset Management Slide
Server
SERVERS
Operating system in Extended Support (20 pts each) Current Score: 20 pts x 7 = 140: 3.52%
Issue: Computers are using an operating system that is in Extended Supported. Extended Support is a warning period before an operating system is no longer supported by the manufacturer and will no longer receive support or patches.
Recommendation: Upgrade computers that have operating systems in Extended Support before end of life.
Operating system in Extended Support (20 pts each) Current Score: 20 pts x 7 = 140: 3.52%
Issue: Computers are using an operating system that is in Extended Supported. Extended Support is a warning period before an operating system is no longer supported by the manufacturer and will no longer receive support or patches.
Recommendation: Upgrade computers that have operating systems in Extended Support before end of life.
Vulnerability Slide
20
SERVER INFRASTRUCTURE
Quantity Model # Servers Serial Number
End of Sale
(Model)
End of Hardware
Support (Model)
Support Contract
Status? (Device) Software V
1 C8S53A HPE MSA 2040 3/5/2018 3/5/2022 Expired 10-23-2018 1 DL360 Gen9 HPE ProLiant DL360 Gen9 MXQ542072Z 4/2/2019 4/2/2024 Expired 10-23-2018 1 DL360 Gen9 HPE ProLiant DL360 Gen9 MXQ542072Y 4/2/2019 4/2/2024 Expired 10-23-2018 1 ML350p Gen8 HPE ProLiant ML350p Gen8 2M243202C2 8/17/2015 8/17/2020 Expired 11-9-2017 1 T320 Dell PowerEdge T320 C40S942 Expired on 2-24-2018 Servers & Storage
XXXXXXX-XXX
XXXXXXX-XXX
XXXXXXX-XXX
XXXXXXX-XXX
XXXXXXX-XXX
Asset Management Slide
Workstations
Workstations
• All PCs are running Windows 10
• Install security updates and third party updates on all PCs
• 109 drives are encrypted
WORKSTATIONS
Vulnerability Slide
Technology
Roadmap
2026
Today
202*-****-**** 2025 2026
Jan 27 Password Policy Review & Update
Jan 28 Active Directory Review and Cleanup
Jan 29 Password Reset
Jan 30 Install Windows Security Updates
Feb 1 Install Software Patches and Security Updates Feb 3 Review and Address Internal Vulnerabilities
Feb 4 Multifactor Authentication
Feb 4 Review Antivirus and Windows Firewall Status (update as needed) Feb 5 Security Policy Review - Password Manager
Feb 6 Install Third Party Updates
Apr 1 Disable Insecure Network Listening Ports
Aug 1 Windows Server 2012 R2 Upgrade
Sep 1 VMware ESXi & vCenter Upgrade
Sep 1 Upgrade or Replace Widnows 10 PCs
Nov 1
Windows Server
2016 upgrade
stay connected. @marcotechnology facebook.com/marcoculture