Wipro Technologies - e-Business Case Studies, Security Penetration Testing

Search

e-Business Home

Practices

Enterprise Architecture Consulting

Security Services

Web Services

Portals & Content Management

Application Integration

Business Intelligence and Data Warehousing

Case Studies

e-BUSINESS

Case Study

Security Penetration Testing

The Customer

The customer, a leading provider of Utility Services in Europe is a global specialist in Water and Wastewater operations, products and services. The customer company serves 51 million customers in 46 countries, ranking as world’s third largest Water and Wastewater Service Company. With more than 14,000 employees, the customer has a market capitalization of around $2.5billion in fiscal 2002.

The Challenge

The customer who is the world's third largest water company wanted to identify potential security risks to the network systems. They wanted to validate security for the network perimeter spread across multiple physical locations across Asia Pacific & Europe and obtain an assurance on the level of resilience of the firewalls.

The business challenges faced by Wipro during the project were,

	To conduct an external penetration test of the firewalls with a view to identify,
	any network design problems or mis-configurations
	the ability of the existing network security controls to detect intrusion attempts
	possibility of unauthorized data manipulation or loss due to circumvention of network security
	possibility on compromise of core services behind the firewall

The Solution

Wipro carried out an exhaustive examination of the firewalls to give an objective up-to-date report on security status as seen from the outside world. Ten firewalls were covered by the Penetration Testing scope for this assignment.

Wipro addressed the customer's pain areas by understanding the size and scope of the network security. It then carried out an ‘External Internet Security Penetration Testing’ on the firewalls via the internet to identify the security vulnerabilities and potential risks associated with those vulnerabilities. A simulation of real-world attacks was conducted with the help of various tools, scanners and scripts to exploit system vulnerabilities via the Internet.

The penetration testing was carried out in the following phases,

	Identifying open services
	Mapping network configuration / topology from outside
	Identifying all servers, operating systems and applications
	Identifying vulnerabilities and analyzing impacts and risks
	Denial of Service attacks
	Reporting and recommending solutions

Wipro analyzed the findings of the test for possible harm and recommended solutions that were based on the causes and potential impacts. The customer is in agreement with the recommendations and is taking necessary steps to secure the network inline with the solution suggested by Wipro.

Benefits to the customer

Wipro's expertise and experience in infrastructure security ensured accurate findings and realistic recommendations for mitigating security risks across the customer's network systems.

Risk Benefits

Wipro minimized security risks by assessing the customer’s infrastructure vulnerabilities and recommended solutions with proven methods to enhance security

Cost Savings

Wipro suggested cost-effective risk-mitigation measures based on the customer’s business requirements that would ensure security and continuity of the business

Customer Satisfaction

Penetration testing was conducted with minimum interruption and damage across customer systems to identify security vulnerabilities, impacts and potential risks.


	Send us an email Request proposal for services Subscribe to our monthly newsletter

CASE STUDIES

	Secure Privacy solution for large Retailer
	A Biometrics based Authentication Server Development
	Application security framework for a leading International Financial Services Company
	IT due diligence of online brokerage firm for leading insurance firm
	More case studies

Privacy

Sitemap