 |
|
|
|
|
|
|
|
|
|
 |
 |
 |
|
 |
 |
 |
 |
 |
 |
|
|
|
1.
Hardware and software configuration analysis. IT Security
Consulting
- Security
tuning of operational systems, software and hardware.
- Detection
of variances between software operations and system
security policy.
Poor admininistration
leads to attack success. Service offered is the kind
of special remote administration service, armed with
configuration check-up algorithms. Directed to check
configured systems, this service can reveal misfits
in actual and required security policy, including attacks
from the inside, since most of harmful attacks are commited
from the enterprise intranet. Configuration file analysis
allows to avoid unsecured areas of the network, provides
system stability both for external and internal threats.
|
2. Support of software installed: (subscription)
- Notification
about new security holes detection, new releases,
patches
Fast reaction on
new bugs revealing.Software developers should report
about revealed bugs and released patches as soon as
possible. But in fact, security holes often exist for
months while patches are being prepeared. Subscribing
to this service, you will get an efficient mechanism
of notification about bugs known from the Internet.
Suitable for small companies.
|
3.
Audit of software installed: (paid one-time service).
- database
check for security holes,
- new
versions & patches upgrade
Since
every software product contains bugs, it is very important
to reveal them before hacker does. This service is quite
simple in its origin.
|
4. Installing of special and supplementary software to
provide IT security:
- Setup
of Firewalls, IDS (Intrusion Detection Systems), TCP
proxies and other systems, developed by us or third-parties.
Administrating
service is directed to solve security problems using
techniques mentioned above. You cannot be 100% confident
with your system security even using firewall. Usually
attacks are performed through open firewall services
or by substitution of trusted host. Nevertheless, firewalls
allows to differentiate access at the network level.
IDS technologies are being developed at present, offering
the following features to detect network attacks: flood,
scanning, unathorized hostname substitution and so on.
These technologies can also solve more complicated problems
like network sniffer detection, file change attempts,
breaking of confidential information protection etc.
TCP-proxy and NAT (Network Address Translation) complicate
hacker intrusion, hiding network structure and checking
every request (for instance, checking every eMail message
for trojan virus).
|
5.
Security policy design for different IT systems.
To work out security policy
for informational resources it is very important to specify
clear and consistent vision of system information and
environment. Security policy design and implementation
allows to create secured data systems using special artefacts-
security profiles, based on software and hardware environment
analysis. |
|
|
|
| |
|
|
 |
|
|