3Com is introducing a security service, called Security Posture Assessment, where 3Com TippingPoint security experts try to break into customers' systems.
In three days or more of onsite testing, the experts would run a variety of tests and assessment tasks, including network mapping, scanning and password cracking. They would attempt to gain access to machines and move up the hierarchy of system privileges on corporate servers - from guest to admin to root access. Emulation of blended attacks on the customer network, penetration testing and evasion techniques are also used.
The testing is performed in a controlled environment, says Don Ward, director of engineering marketing at 3Com's TippingPoint division. "Nothing malicious is done."
Once the work is finished, he says, customers are given detailed reports with screenshots of the activity that was done. The cost of the service is around US$2,000 per day, or $250 per hour.
In addition to an overall network security assessment, the SPA service can also detail shortcomings in compliance areas such as HIPAA or Sarbanes-Oxley, Ward says.
3Com says that while it is entering an already crowded market full of consultants and providers of security assessment services, the move was prompted by the company's own customers.
"There are a thousand different kinds of assessment services on the market today," Ward says. "We're not trying to compete in that market, but this service is something that our customer base was requiring of us."
The 3Com TippingPoint SPA service is available now.