Infrastructure Assessment and Consulting

The network diagram in the IT closet is three years out of date. Nobody knows what the backup retention policy is. The firewall rules were set up in 2019 by whoever had the password that day. An assessment fixes that: two days of structured review, followed by a written report you can act on immediately.

Common reasons businesses request an assessment

• Something broke and no one knows where to start
• An insurance policy or vendor contract requires documented security controls
• The business is growing and the current infrastructure was not designed to scale
• A major change is coming (office move, cloud migration, new hire surge) and the business wants to know what state it is starting from
• An IT person just left and no one knows what they had configured

What the assessment covers

Network review

• Physical and logical topology documentation
• Switch configuration review: VLAN design, STP configuration, trunk ports, port security
• Router and firewall review: ACL audit, NAT rules, routing table, open ports
• Wireless: SSID separation, authentication method, guest network isolation
• DNS and DHCP: configuration review, scope hygiene, rogue DHCP check

Security posture

• External attack surface: open ports, exposed management interfaces, publicly reachable services
• Internal segmentation: flat vs. segmented network, inter-VLAN access control
• Authentication review: default credentials check, password policy, MFA status
• Remote access method: VPN configuration, exposed RDP or SSH, access logging

Servers and storage

• OS patch status and support lifecycle review
• Backup pipeline audit: what is backed up, how often, where it goes, when it was last tested
• Storage utilization and capacity headroom
• Critical service dependencies and single points of failure

Documentation gap analysis

• What exists vs. what is needed for a successor to manage the environment
• Configuration backups: do they exist, are they current, where are they stored

Deliverable A written report covering all of the above, with findings prioritized by risk and a remediation list with time and cost estimates for each item. The report is yours regardless of whether further work proceeds with Subnet Works.

Representative scope examples

Pre-growth assessment. A 25-person company in Bergen County was about to add 10 staff and a second office location. Before committing to new hardware, they wanted to know if the current infrastructure could support the growth. Subnet Works conducted a two-day assessment and delivered a report showing that the core switch was at port capacity, the backup pipeline had a misconfigured retention policy, and the WAN circuit was undersized for the projected load. All of it was addressable before the expansion.

Post-incident review. A business in Union County had a ransomware incident contained to one machine. After recovery, they wanted to understand how it happened and what needed to change. Subnet Works audited the network segmentation, remote access configuration, and endpoint patching status, and delivered a prioritized list of 11 changes, 4 of which were addressed the same day.

Infrastructure handoff. A company in Hudson County lost their IT contractor without a knowledge transfer. No one knew what was running, where the configs were, or how anything was set up. Subnet Works spent two days on-site documenting the full environment: topology, device configurations, service inventory, and access credentials. The result was a handoff package the new IT contact could work from immediately.