Architecture is a "top down" methodology consisting of solution design, methodology and high level technical documentation. It is forward thinking and documentation built from product specifications, vendor guidance, solution knowledge, lab testing outcomes, and high level plus detailed technical implementation plans that lead to a repeatable process.
Audit: by contrast is a "bottom up" approach of reverse engineering what's already implemented with the intent of providing a repeatable process in the event of Disaster Recovery, or just as a means of intelligent searching for both good and bad practises, opportunities and threats. Its goal is to identify future intelligent action. Options include auditing for a specific goal such as Disaster Recovery, System Health & Performance, Implementation & Best Practise or for Security weaknesses.
Documentation: is the production, collection and organisation of technical documents and installation materials that in the case of system documentation allows for re-producing the last known state of a system or aspect thereof after a system failure or security breach. A written offline state audit is an excellent security tool for identifying un-authorised changes over time. The listing of processes allows for faster recovery saving re-learning time and and will alert you to in advance to weaknesses.
During 2013, reports disclosed large scale hacking, surveillance and unlawful interception not just by hackers but also by governments and state sponsored entities. An old statistic said that if an unpatched server was connected to the internet, it would be security compromised in under 7 minutes. This shows that defensive steps must be taken before connecting to at risk environments like the internet, but also that defensive measures must be continually maintained in order to stay secure and reduce risk. CitiNet implements defensive security products by building the security infrastructure that protects organisations from a variety of evolving threats. Typical defensive security products include:
CitiNet provides security advice, security auditing & penetration testing services as a means of confirming security exists and our services are secure, security strategy, use of technology, and applied security in the implementation of security products & technologies to defend and protect against risk and provide privacy.
At a glance:
Network Consulting & Engineering is a multi discipline field involving the design, build & integration of not just the network infrastructure, but everything that connects to it. Therefore it touches on:
We offer a mix of offensive and defensive security services, with the sole objective of providing defensive security
Security Auditing (offensive)
Test your existing security for weakness against known attacks.
Security Hardening (defensive)
Security Hardening is reviewing and recommending (or making) changes which will proactively improve security. These are often design or disciplinary related.