Tuesday - Mar 16, 2010

    

ZEUS : SERVICES : SECURITY

With the advent of the Internet, security has been and will always be a lingering issue that all companies dread. It's no wonder that corporations spent billions of dollars last year on network security alone. A recent information security survey revealed that nearly 75% of 4,900 respondents regard security as a top priority, up from 56% two years ago. Network security is vital to keeping your data safe. The repercussions of a successful breach can cost you tens of thousands of dollars, not to mention the trust of your clients. Security is essential for any successful e-commerce venture.

Developing sites that collect and manage particularly sensitive data has kept our edge sharp, and our engineers alert. Some of the ways we batten down the hatches include:

System Security

Physical security:
Limiting physical access to vital systems

System daemons and services:
Locking down a Linux, NT, or UNIX system to allow only those services that are necessary.

Auditing and Logging:
Perform a security audit of systems, using tools such as Nmap, Ethereal, and Network Associates CyberCop, to see what ports are open to possible attack.
Set up logging so that any unauthorized activity is logged for future reference.

Recovery:
If a network is breached, assess what systems and services have been compromised and restore systems to their original state.

Firewall Security:
Firewalls are your first line of defense. They are the gatekeepers to your castle and are used to accept valid/legitimate traffic and deny suspicious/malicious activity. With a firewall, you are able to keep a close watch on all of the activity coming and going from your network. Our network engineers have experience in the following:

Set up and configure Checkpoint FW-1/VPN-1 on Linux, Solaris, and Windows NT or Cisco PIX/VPN solutions with the following suggested options.

- VPN tunneling between multiple sites with IPSec encryption (56-bit or 168-bit) for secure communications between sites

- Set up multiple subnets to separate traffic (i.e. DMZ, internal network, intranet, extranet, and honeypot)

- NAT valid IPs to internal IPs to conserve limited publicly available addresses and to provide IP allocation scalability and migration

- Accept, Reject, or Deny TCP or UDP traffic depending on company policies or company needs

- Authenticate remote users with VPN solutions with static IPs or two-factor token-based solutions such as RSA Ace Server

- Log and monitor some, none, or all traffic that traverses the firewall and/or router for accounting purposes

- Configure SNMP trap messaging to alert administrators of activity that is suspicious

Set up and configure Linux's IPChains

Set up and configure FreeBSD's IPFW