Network Device Security Configuration Assessment

Primary Contact:  Carl N. Kriebel CISSP

It is critical to assess risks prevalent within an organization’s core network infrastructure. As technology constantly evolves, core network appliances and other devices are frequently shipped and installed with "out-of-box" settings that lack the hardening required for maximum security.

Schneider Downs has the expertise to identify and assess the risks of single and cumulative vulnerabilities that exist across a wide range of devices, from firewalls to switches and routers. 

Our Network Device Security and Configuration Assessment is a comprehensive analysis of potential vulnerabilities and misconfigurations on a device. 

We perform automated and manual assessments and take a collaborative approach to establishing an action plan to remediate all identified vulnerabilities. We also consider any other security components and mitigating factors in determining the overall risk to the security posture of the organization's internal network appliances.

 Detailed Approach to a Network Device Security and Configuration Assessment


  • Develop Technical Understanding
    Schneider Downs begins by developing an understanding of our client's network infrastructure through reviewing the network topology, meeting with key technical personnel and understanding any other points of access that may not be indicated within the organization's technical documentation.
  • Determine High Risk Devices: From here, we collaborate with the client to determine which high risk devices to incorporate into our assessment.
  • Automated Identification of Vulnerabilities for High-risk Devices: We then take an automated approach to identify all vulnerabilities or misconfigurations for each device.
  • Assess Vulnerabilities Considering Mitigating Factors: We utilize our deep experience to collaborate with our clients and assess the findings to determine their actual threat and risk exposure to the organization. In doing so, we take care to consider other mitigating factors—such as superseding rule sets, access levels, isolation within the network and other security devices—that will impact risk.
  • Provide Detailed Vulnerability Report:
    We will provide a comprehensive vulnerability report with the following data points for each vulnerability or misconfiguration uncovered during the assessment: findings, rating, impact, ease of exploit, recommendations and ease of fix.
  • Client Discussion:
    We meet with the client to discuss our fully vetted findings to ensure that the risks posed for each vulnerability or misconfiguration, along with our recommendations for remediation, are fully understood. 

About Schneider Downs Cybersecurity

As the protection of systems and critical data continues to be a major component of cybersecurity awareness, Schneider Downs maintains an in depth knowledge of industry best practices and can assist your organization in identifying vulnerabilities and overall risk to your internal network infrastructure.

The Schneider Downs Cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security and vulnerability assessments, as well as a robust digital forensics and incident response team. Learn more at

View our additional IT Risk Advisory services and capabilities

Get the latest insights and news in our bi-weekly newsletter, Focus on Cybersecurity

contact us

Metropolitan Washington