IT Health Check Form

By answering the following questions the BII Testing Team will be able to assess your requirements and produce a quote for a GCSx ITHC Assessment tailored to your needs.

Each question indicates which part of the GCSx ITHC Assessment it relates to. Most questions require an answer and by hovering over the the Advice icon you can read further information. If you are unsure please try to estimate or call our testing team on 01622 618752 for further guidance.

Name
Surname
Position
Organisation
Email
Contact Telephone

Note: BII will only provide quotes to individuals who can be verified as working for (or on behalf of) a UK Local Government Department - we reserve the right to request further clarification on this point before providing a quote.

Assessment

Details

External Network Penetration Test

Please enter the number of target IP addresses you would like tested?
Target No. of IP Addresses:
These are IP addresses on which a system resides, i.e. Router, Firewall, VPN server, Web server, FTP server etc.

These are IP addresses on which a system resides, i.e. Router, Firewall, VPN server, Web server, FTP server etc.

External Network Penetration Test

Please enter the number of IP addresses of the IP range in which the above target systems sit?
No. of IP Addresses:
e.g. a class 'c' = 255 IP address; e.g. a /24 = 255 IP addresses; e.g. a /28 = 16 IP addresses

e.g. a class 'c' = 255 IP address; e.g. a /24 = 255 IP addresses; e.g. a /28 = 16 IP addresses

Internal Network Penetration Test

Please enter the number of systems you would like to receive a full penetration test.
No. of systems:
This should be an appropriate sample size based on the server estate. Typical sample sizes range from 15 to 50.

This should be an appropriate sample size based on the server estate. Typical sample sizes range from 15 to 50.

Internal Wide-scale Vulnerability Assessment

Please advise approximately how many IP addresses you would like to receive a VA scan.
No. of IP Addresses:
This should be an appropriate sample size based on the server estate. Typical sample sizes range from 50 to 500.

This should be an appropriate sample size based on the server estate. Typical sample sizes range from 50 to 500.

Network Mapping / Host Discovery

Please confirm approximately how many class 'c' network ranges are routed on the council's WAN.
No. of class 'c' network ranges:
Typical sizes range from 20 class c's up to 100.

Typical sizes range from 20 class c's up to 100.

GCSx Firewall Configuration Review

Please advise whether the firewall in use is of one of the following types:
Cisco PIX/ASA
Juniper Netscreen
Checkpoint/Nokia
Other (please specify):

GCSx Firewall Configuration Review

Please confirm the rule base size on the firewall:
less than 20
21-50
51-100
more than 100

Internet Firewall Configuration Review

Please advise whether the firewall in use is of one of the following types:
Cisco PIX/ASA
Juniper Netscreen
Checkpoint/Nokia
Other (please specify):

Internet Firewall Configuration Review

Please confirm the rule base size on the firewall:
less than 20
21-50
51-100
101-200
201-300
more than 300

Other Boundary Firewall(s) Configuration Review

For other boundary network firewall(s), please confirm the rule base size(s):

	firewalls @ less than 20 rules
	firewalls @ 21-50 rules
	firewalls @ 51-100 rules
	firewalls @ 101-200 rules
	firewalls @ 201-300 rules
	firewalls @ more than 300 rules

Network Topology Review

Would you like a network topology review included in the scope?
Yes
No

Internal OS Hardening/ Build Review

Please confirm the sample size of key business systems you wish to receive a build review:

Windows:
Linux:
Solaris:
AIX:
Other (please specify):

Wireless Test

Please confirm if you have an authorised wireless network which is linked to the network that connects to the GCSx network?
Yes
No

If Yes:

i. How many physical sites have the authorised wireless network?

ii. Please confirm how many wireless access points you have in place?

iii. How many of these are controlled/configured from a Central Management station?

iv. Please confirm how you authentication to the wireless network

Router/ Core Switch review

Please advise how many of the core routers/switches you would like to review the configuration of?
No. of core routers/switches:
Typical sample sizes 2 to 5.

Password File Cracking

Please confirm you wish this to be conducted against key system files?
Yes
No

Optional/Recommended

Malicious File Protection Assessment

Please confirm the sample size of Email, Web gateways and client systems to be assessed for protection against sections 18 to 22 of the GCSx CoCo v4.1.
x Mail Server/Gateway devices Typically 2 x Mail Servers (GCSx & corporate)

Typically 2 x Mail Servers (GCSx & corporate)

x Web proxy/Gateway devices Typically 2 x Web Proxies (GCSx & corporate)

x Remote Laptops Typically 1 x Remote worker laptop

x Workstation Typically 1 x Workstation

x PDA/Smartphone Typically 1 x PDA/Smartphone

Mobile, Remote and/or Home working Assessment

Please confirm the sample size of mobile, remote and/or home working solutions to be assessed for protections against section 10 of the GCSx CoCo v4.1.
x Remote Laptops Typically 1 x Remote Laptop

x PDA/Smartphone Typically 1 x PDA/Smartphone

Report writing

Please advise whether you would like for the identified vulnerabilities to be extracted into a vulnerability register spreadsheet to assist with tracking and remediation?
Yes
No

Further Info

Please use this space for any further comments/information. (1000 character limit)