	After running the vulnerability report and reviewing the enterprise's security posture; I have come to the conclusion that there are currently many weak points throughout the network. The current security posture is too relaxed, which will leave ABC Manufacturing open to many potential threats. Basic security features are not being utilized for example the windows security updates are missing. There is currently 108 security updates missing on workstation0001 and 68 on workstation0002. Windows identifies security concerns with its operating system and releases updates to help prevent them. A lot of the reports pointed to areas within windows that could be manipulated to effect no only the individual workstation, but also the network as a whole. Another issue is the users on these workstations are not configured correctly. Having an guest account when its not needed leaves a door open for hackers to gain access. Lastly the firewall is not configured to only allow certain ports to be open which lessens the effectiveness. The company needs to address basic security features along with taking more advanced steps to become secure.
	Ports can be considered as doors throughout the network which allow data from a machine to enter another. The firewall should only allow certain ports to be open to protect against attacks that use ports. The only ports that should be open on the smoothwall firewall should be HTTP(s) and SMTP to minimize unnecessary doors being available. Currently TCP is enabled for external access but no other ports are identified for incoming or internal. We only want to have ports open that are needed and none that are not. Defining the ports that have been mentioned will ensure that firewall will be enabled currently. Not doing so will leave the network open to attacks referred to as port scans looking to gain information about the network and systems.
	When reviewing the software on the workstations along with all the reports ran, there is no active malicious software protection. Both workstations have windows firewall available but this feature has been disabled. The network firewall prevents attacks form the outside, but the firewall on each workstation will protect each individual computer. There is no antivirus or malware protection on either one of the computers on this network. Both of these programs are essential to the overall plan for the network because it help protects the workstations from getting infected. Once the individual computer has been infected it could then travel throughout the network and effect other pieces of equipment. An article published by panda security states “Given the sophistication of malware and its exponential increase, today you can’t afford to have just any antivirus in your company you need the best business antivirus”(security, 2014). Not having proper software in place to protect ageist malicious software leaves the network and company open to so many different types of attacks. Every second these computers are in use the chance of a threats being present is very likely. These types of protection need to be added to the security plan to insure the highest level possible.
