A company’s network system is of paramount importance to their ability to conduct daily business operations. If a network goes down, whether from a security breach or for another reason, the cost to individual organizations can be significant. This is just one of the reasons why it is important to select an IT organization that can provide proactive support in order to prevent problems before they even occur. In this post, we will define what network penetration and vulnerability test are, the differences between the two, and why both are essential.
Network Vulnerability Tests
A network vulnerability test scans an entire network, looking for all the vulnerabilities across the entire system. This type of automated test should be conducted on a regular basis, typically every quarter and when any new equipment is added to the network. A baseline report for each new piece of equipment should be included as part of the vulnerability test, with any subsequent changes investigated such as added services or open ports, both of which could mean unauthorized changes occurred on the network.
Network Penetration Tests
A network penetration test, also known as a pen-test, is more specialized than a vulnerability test. A vulnerability test is designed to alert network administrators to any and all weaknesses, whereas a penetration test will report on the severity of any weaknesses found in vulnerability testing. Unlike an automated vulnerability test, a penetration test is conducted by a tester looking for specific ways in which to exploit a network. In short, they are acting as if they are a real hacker.
Some industries are mandated by government regulations as to how often their network should be pen-tested. For others, at a minimum, a professional network support team will recommend their clients have penetration testing when any of the following occur:
- changes in end user policies,
- new office location(s),
- significant upgrades,
- application or infrastructure modifications or additions, and
- after the application of security patches.
If you would like to know more about network vulnerabilities, network testing, or our professional support services, please contact us.