The heart of any organisation is undoubtedly its internal network and related services. Internal network assessments are often recommended following an external network assessment as a defence in depth approach. This however does not dilute its importance, but rather aims to balance the security posture of both networks.
The idea behind a defence in depth approach is that should any single control fail (be it from an external perspective, or any host internally) along the route to a target, another control could help mitigate, prevent or alert that an attacker is on the network. More often than not, organisations have a good external security posture but a weak internal posture. An analogy of a hard-external shell but squishy internals is often used to describe this. An internal network assessment aims to balance this, providing a realistic perspective of the current security posture should the external permitter be compromised.View brochure