When it comes to information security, we have the knowledge and experience to help organizations secure their critical information assets. We work with our clients to manage, mitigate, and eliminate risks to their information systems. Whether it is building secure architectures, assessing the current security environment, or implementing safeguards, we provide the experience and expertise to get the job done.
We work with our clients and partners to secure critical infrastructures. Solutions include:
Assessments are useful for organizations that need an objective third party to verify the current state of security. We offer a number of choices that focus on different aspects of security. Our methodology is to work cooperatively with the organization to maximize the value of the information delivered.
We offer a comprehensive set of security assessments that meet our clients' requirements:
- Security Assessment
- Security Audit
- Risk Assessment
- Threat Assessments
- Vulnerability Assessment
- Penetration Testing
Information Security Products
To provide our clients and partners with security solutions that meet business needs, we resell a number of information security products for businesses. These products represent "Best of Breed" solutions commonly deployed in enterprise network environments to provide the required levels of confidentiality, integrity, and availability.
We also deploy a number of Open Source tools to meet the security requirements of our clients. These solutions also represent a "Best of Breed" approach to securing an organization's infrastructure.
Our products include:
Check Point
- Firewall-1 NG AI
- VPN-1
- Smart Defense
- Cluster XL
- Nokia Appliances
- Safe@Office
- Secure Platform
Tripwire
- Tripwire for Servers
- Tripwire for Network Devices
- Tripwire Manager
F-Secure
- Secure Shell - SSH, SFTP, & SCP
- Antivirus and Intrusion Prevention
- Policy Manager
- F-Secure VPN+
- F-Secure FileCrypto
eEye
Trend Micro
We are committed to providing our clients with the tools needed to meet their strategic and tactical security challenges. Our relationships with our partners also allow us to provide the best in product support and integration services. Our goal is to provide the expert service that our clients have come to expect.
We have designed, installed, and configured secure information architectures for organizations. Our team of security professionals has "hands on" experience with leading security hardware, software, and service providers.
We have the certifications (experts, engineers, administrators, etc.) in the technologies that organizations deploy for enterprise security. Our engineers attend training and certification classes to ensure that we are up to date and knowledgeable.
In addition, we have developed partnerships with many of the leading security system providers to ensure that we can design and implement the right solutions, and have access to additional support.
We have worked with a number of companies, agencies, and organizations to investigate security incidents. These events include computer intrusions, employee and contractor misconduct, identity theft, unauthorized disclosure, misrepresentation, information leakage, and abuse of internal resources.
Security investigation goals and objectives:
- Respond to security incidents
- Maintain an organization's operational commitments
- Discover the extent and scope of damage
- Contain and reduce damage and liabilities
- Manage disclosure of security events
- Coordinate with law enforcement for criminal prosecution
- Gather evidence and document security incidents
- Quantify damages including direct and indirect costs
- Determine root cause
- Redress security problems
- Prevent future security events
We work with our clients to manage the recovery, investigation, documentation, and post-incident evaluation. We protect our clients' privacy. We work with law enforcement, in criminal cases, to collect the evidence for prosecution and to prove damages. We quantify the damage and document the necessary recovery efforts. We ensure that prosecution guidelines for monetary loss targets are met and documented.
We specialize in:
- Computer system forensics
- Intrusion analysis
- Employee misconduct investigation
- Disgruntled employees and former employees
- Computer system attacks
- Virus, Trojan horse, and worm detection and elimination
- Privacy and disclosure investigations
We understand the complexity of implementing firewalls. We have installed and implemented many of the most popular firewalls including OpenBSD, Linux, Raptor, PIX, and of course Check Point's Firewall-1. We understand the configuration issues when implementing these firewalls.
Firewalls are often a collection of hardware devices and software that protect an organization from networks of dissimilar levels of trust. Firewalls are used for connections to the Internet or public networks, connections to third party suppliers and vendors, extranets, and within corporate environments to limit access to sensitive networks. Firewalls also define special networks that must be accessible to untrusted networks and yet separate from internal networks.
Hardware
Hardware must be configured to meet the security requirements of the organization. Networks need to be defined for DMZ, external, extranet, and internal segments. The firewall hardware must also be hardened. Hardening is the process of creating a secure platform for the firewall. The firewall must provide sufficient bandwidth capacity and throughput. Other issues include latency and delay, routing to and from the hosts, addressing, address translation, name resolution, and other network services.
Software
Software must be configured to enforce the security policies of an organization. This includes what to allow, what to monitor, and what should be blocked. Other configuration options may include how to deal with malicious activity, dynamically blocked ports, technical options, address translation, performance optimization, anti-spoofing, content filtering, and information leakage.
Intrusion Detection and Protection
An Intrusion detection system (IDS) is a system dedicated to sifting through enormous amounts of traffic to detect, and in some cases, prevent an information system intrusion. We have the experience and knowledge to help organizations implement intrusion detection systems to meet their strategic and tactical security requirements.
Intrusion detection systems are security control and monitoring devices that are configured to enforce an organization's security policy. How these systems are configured will have a major impact on the number of attacks detected and the amount of work that a security administrator must do to effectively monitor the system. Intrusion detection systems are dependent on monitoring, notification, and predefined procedures for intervention.
Monitoring
IDSs are prone to false positives. The idea is that if the system does not report an intrusion attempt, what good is it? So IDSs report on any possible attack on a network or system. It is up to the security administrator to configure the IDS to report only on attacks that could produce an intrusion. That means that intrusion detection systems create a huge volume of logs.
Notification
When an attack is detected in real time, how do you know? The system should notify the administrator that a security event is in progress. Most intrusion detection systems can notify the administrator via pager, cell phone, SNMP alerts, console messages, and email. If intrusion detection systems are prone to false positives, this means that notification will be brisk!
Procedures
When an attack is detected in real time and a notification is sent, what happens next? Security organizations must react to the threat of intrusion. The IDS can be configured to automatically respond to some attacks by dynamically reconfiguring the firewall. That's right! A system that is prone to false positives can automatically reconfigure your firewall policy.
We have the skill, experience, and knowledge to help an organization to successfully implement intrusion detection systems. We can work with your security administrators to determine the correct level of monitoring, determine the thresholds for notifications, and help develop the procedures to respond to dynamic threats.
File System Intrusion Detection
File system intrusion detection is based on the idea that changes to systems should be monitored and tracked, whether the changes are desired, not desired, accidental, benign, malicious, intentional, or originating from internal or external sources. These changes can be profound or subtle. File system intrusion detection seeks to track changes on a system, including where and when the changes were made.
The operating system files, utilities, programs, and applications should not change unless there is an upgrade or reconfiguration. Log files should only get larger unless trimmed by the system administrator. Changes to file systems can indicate unauthorized activity on a system including hosts, servers, network devices, and firewalls.
File system intrusion detection provides the ability to track and monitor these changes and can provide the following benefits:
- Indication of unauthorized access
- Detection of system intrusion
- Detection of file system integrity problems including corrupted files, improperly set permissions, viruses, worms, Trojan horses, and defacements
- Monitoring of changes on a system
- Integrity, accountability, availability, and visibility
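The change tracking described above, as an added example (not code from this page or from any product it lists): a baseline-and-compare check that records a hash, permission bits, and size for each file, then reports content changes, permission changes, new or missing files, and log files that got smaller. The `.log` suffix rule, the function names, and the sample tree built in `demo()` are assumptions constructed for illustration.

```python
import hashlib, os, pathlib, stat, tempfile

def snapshot(root):
    """Map each regular file under root to (sha256, permission bits, size)."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode):  # skip symlinks, sockets, devices
                digest = hashlib.sha256(pathlib.Path(path).read_bytes()).hexdigest()
                rel = os.path.relpath(path, root)
                snap[rel] = (digest, stat.S_IMODE(st.st_mode), st.st_size)
    return snap

def compare(baseline, current, log_suffix=".log"):
    """Return (finding, path) pairs; log_suffix is an assumed naming rule."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None or new is None:
            findings.append(("added" if old is None else "removed", path))
            continue
        if path.endswith(log_suffix):
            if new[2] < old[2]:  # logs may grow, but should not shrink
                findings.append(("log_shrank", path))
        elif new[0] != old[0]:
            findings.append(("content_changed", path))
        if new[1] != old[1]:
            findings.append(("mode_changed", path))
    return findings

def demo():
    """Baseline a constructed sample tree, alter it, and report the drift."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data, mode=0o644):
            pathlib.Path(root, name).write_bytes(data)
            os.chmod(os.path.join(root, name), mode)
        write("login", b"original binary", 0o755)
        write("passwd", b"root:x:0:0\n")
        write("auth.log", b"line1\nline2\n")
        write("app.log", b"start\n")
        baseline = snapshot(root)
        write("login", b"replaced binary", 0o755)   # program content replaced
        write("passwd", b"root:x:0:0\n", 0o666)     # permissions loosened
        write("auth.log", b"line2\n")               # log entries removed
        write("app.log", b"start\nmore\n")          # normal log growth
        write("dropped.sh", b"#!/bin/sh\n", 0o755)  # file not in the baseline
        return compare(baseline, snapshot(root))
```

Calling `demo()` returns one finding each for the shrunken log, the new file, the replaced program, and the loosened permissions, while the log that only grew is not reported.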
Virtual Private Networks or VPNs provide secure methods of communicating over insecure networks like the Internet as well as within an organization. VPNs encrypt traffic between end points and can provide security for data in transit. VPNs create an encrypted tunnel between end points. This provides confidentiality and integrity of the data.
VPNs can increase the load on network devices. Security of VPNs comes at a price; network traffic will increase, which may lead to delays. VPNs can also significantly impact the performance of some devices. As encryption keys become longer, encryption and decryption calculations will take more host resources. Encrypted traffic that passes through firewalls from internal systems cannot be monitored. Content filters, like virus protection, cannot access the encrypted traffic.
Configuring VPNs can also be very challenging, especially between different types of devices. When implementing a VPN you need to know the type of encryption, authentication, hashing, mode, and a number of technical parameters to get the tunnel to function correctly.
The key benefits of VPNs include the ability to maintain a secure channel across insecure networks. This allows telecommuters to access corporate resources from home in a secure manner. This also provides confidentiality and a level of authentication.
We know how to configure VPNs. Our expertise allows companies to leverage the Internet as a means of extending network services to remote offices and telecommuters. We have implemented numerous VPNs, and we are experts in configuring cross-vendor and platform VPNs.
Content Filtering Systems
We have worked with a number of content filtering solutions. We have the right solution to meet your business requirements. This includes:
- Anti-Virus Solutions
- Spam Filtering
- IM Filtering
- Web Site Content Filtering
- Malicious Code Filtering
- P-To-P Network Filtering
These products and services are scalable from small businesses to enterprise networks. They can operate within your current infrastructure or can be provided externally to your environment. We also provide managed services that take the burden off of your business.