Public and private companies are increasingly aware of cyberthreats and the need for risk management. The Tulsa International Airport decided to conduct an audit of its network devices and business network to discover vulnerabilities that might exist and engaged Burns & McDonnell to conduct the assessment. Our team audited the firewall, switch, workstation and server configurations at the airport and ran discovery and mapping scans of the networks to identify every connected device. They then analyzed the collected network traffic for anomalies.
The cybersecurity team met with the Tulsa International Airport to discuss concerns and propose solutions that addressed only their points of risk. Leveraging their knowledge of the National Instituteof Standards and Technology (NIST) and 20 critical controls, the cybersecurity team performed audits of the firewall, intrusion protection system, and switches for the network examining the configurations and rulesets. They identified several vulnerabilities and configuration issues that could be addressed and suggested mitigations.
The team also performed a discovery and analysis scan of the network, checking the ports and services in use on the connected devices, workstations and servers. They noticed suspicious traffic during the scans and identified hosts to check. The team also suggested hosts for further examination and identified configuration issues on some hosts. At the end of the vulnerability assessment the cybersecurity team provided the airport with the findings, the scans, and the network maps and host lists, which the airport could compare to their list of known devices. They also provided vulnerability mitigations, configuration recommendations, and the steps for making the changes and updates.
The audits allowed the airport to focus its efforts on specific problems and validate the list of discovered hosts and assets. The airport has also followed the team’s recommendations and deployed an intrusion detection system with our team's guidance. The cybersecurity team is continuing to work with the airport on vulnerability and penetration testing and phishing campaigns.
- Network security assessment
- Network and host scans
- Vulnerability identification
- Intrusion detection system guidance
- Audit of firewall and switches
- Vulnerability assessment of network infrastructure
- Discovery and mapping of networked assets
- Analysis of network traffic
- Guidance configuring intrusion detection system