Lumeta offers a family of packaged services that address key network operations and compliance challenges. These packages leverage our results and experience at more than 150 of the world's most security-conscious organizations, while addressing each client's unique operational and security environment.

Each package includes scanning and indexing with IPsonar. Results are reported formally at the client site, and presented in a comprehensive findings document.

Lumeta's packaged services include:

• IPv4 - IPv6 Migration. Per Office of Management and Budget mandates, federal agencies must assure that their networks are IPv6-enabled by 2008. This change-intensive migration will create security and compliance risks. Agencies require network visibility to identify inadvertently enabled IPv6 resources, as well as to determine if connectivity between IPv6 devices and other resources creates vulnerabilities. Understanding what devices and security controls are on the network - and how they are configured throughout the migration lifecycle - is critical for maintaining compliance to federal policies such as the Federal Information Security Management Act (FISMA).
  
  Lumeta's IPv4 - IPv6 Migration solution provides the visibility necessary to achieve this. and IPv6-capable devices - placing them in the context of all known and unknown assets, connections, and IP addresses. This enables agencies to plan and manage migrations based on accurate, up-to-date assumptions, not out-of-date network inventories taken months or years ago.
• Network Risk Assessment. Network assurance programs require a formal set of risk metrics based on network facts. Otherwise organizations cannot accurately measure and mitigate network risk for availability, security, and compliance issues.
  
  Lumeta's Network Risk Assessment gauges network risks based on IPsonar's objective data, not consultant or administrator assumptions. Deliverables include identification of potential risk factors and policy violations such as unauthorized inbound and outbound connectivity; improperly configured security devices that could represent material weaknesses, devices and highly vulnerable to security breaches; and network anomalies that, if exploited, could lead to a major security issue. Clients can also opt to receive a Lumeta Network Index score.
• Network Connectivity Assessment. The more complex a network, the more likely that unwanted connectivity exists. Minimizing risks to availability, security and compliance requires assurance that all connections are authorized and under management control.
  
  Lumeta's Network Connectivity Assessment discovers the Layer 3 (IP) network, secure zones and B2B connections. Lumeta consultants find all IP addresses routed internally, locate secure zones, and define the perimeter of the network. This enables clients to identify B2B address blocks, properly secure exit and entry points, and test the strength of secure zones. Clients can also determine whether B2B and sensitive internal hosts are reachable from various network locations.
• Asset Verification. Assuring that devices are under management and in compliance with security policy requires a systematic process. The process must validate that devices are known, reflected in the patch management system, routinely scanned for vulnerabilities, properly licensed and serviced, maintained to the corporate hardening, and routinely checked against acceptable usage policies.
  
  Lumeta's Asset Verification solution helps IT executives develop this process, improving their organization's security and compliance posture. Deliverables include identification of all IP assets, validation of compliance to usage policies; and assurance that accurate information is loaded to appropriate security, network, and asset management systems.
• Application Visibility. IT organizations are challenged to deploy necessary application functionality across the enterprise without compromising access to sensitive data and resources. Complete application visibility is required to balance business requirements with security and compliance.
  
  Lumeta's Application Visibility solution is a foundation for achieving this. It provides a rapid access-control audit of networking devices based on application ports and enables organizations to test any location and IP address for application coverage. Devices that respond to selected application ports are identified to support host application readiness. A clearly defined application perimeter is also established, so that organizations can prevent access from unauthorized departments, geographies and regions.
• Policy Compliance. Network resources may be implemented per security policies, but often fall out of compliance when adjusted in response to business drivers and security incidents. Organizations require capabilities to validate that controls are functioning properly.   This must be determined proactively, not after security breaches or audit issues.
  
  Lumeta's Policy Compliance solution provides a risk assessment targeted to an organization's specific compliance policies. IPsonar is tuned to detect specific violations, assuring that they can be remedied prior to external audits. Examples of policy issues detected include improperly configured routers and firewalls; unauthorized applications or operating systems; and unsecured wireless access points.