Products
Up Authentication Borderguard Secure Perimiter Firewalls VPN Intrusion Prevention Intrusion Detection Web/Mail Filtering

 

Home Products Services

 

The products we represent make up the foundation of a secure enterprise. We can begin small, medium, or large. We tell our customers "if you make good product decisions, anything is possible," A major design goal of our solutions is scalability, to accommodate future network usage and growth. Please keep in mind that there is no solution that is guaranteed 100% effective, and you must always balance the needs of the users with the corporate security goals. The best solutions are invisible to the end user.

The ultimate information security solution is comprised of different technologies, set up in layers. Here are some of the technologies that we use to build this environment:

Secure Remote Access - VPNs
 
Today, there is a requirement for organizations to consider - how to attach remote users to the corporate LAN. The common thing most corporations have done is to become a "mini ISP" - they bring in phone lines, modem banks, and assign 800 numbers to allow remote users to dial into the network. There's two pieces of bad news: The first is that this is expensive, and the second is that there are technologies out there that will discover the phone numbers, user names, and passwords ... automatically - it's just a matter of time. Fortunately, there's products and technologies that can help - some VPN products have been available since 1994, and we can help you separate facts from marketing hype.
 
Secure Perimeter
 
As a first step in securing any organization, you must consider the choice of device that's placed at the perimeter. This choice is one of the most important an organization must make. Depending on the device chosen, security will either be not possible, somewhat possible, or the ultimate in perimeter security. We can explain the differences and benefits of each device type and manufacturer.
 
Firewalls
 
Firewalls have been around longer than any other security technology. Everyone seems to have one that they claim can do it all - however, one must be careful when evaluating these devices. A firewall that is great for one company may not be the right one for yours. Do you need a fast circuit gateway, or a slightly slower (but more secure) application gateway? The answer to this question can only be answered after careful analysis of your requirements - but don't forget to include any new technology that you are planning to implement (like VOIP!) in the next few years. The ability to generate alarms and reports is crucial, so management can understand what a great job this device is doing for your organization. 
 
 
Intrusion Detection & Response
 
A few years ago there were a handful of products claiming this capability. Now, all security vendors seem to have one of their own. Unfortunately, these products are still far from perfect; they all need tuning specific to your environment during installation, and they all generate false positive alarms, so your staff needs to be well trained in order to read the product output properly. With enough time, training, and tuning, this technology can be a tremendous asset in your security posture - depending on where the sensors are placed, they can keep watch to see if anything is getting past your firewall, or watch segments of the internal network to see if anyone on the inside is trying things they should not. The most critical piece of this technology is event correlation and reporting, which most organizations overlook until the product is in and running, and management asks to see a report .....

A capability of some intrusion detection products is the ability to automatically respond and reprogram edge security devices in your network as soon as it recognizes an attack in progress - thus 'slamming the door' on the attacker, usually within the first minute of suspicious activity.

Intrusion Prevention
 
This technology combines two others - Intrusion Detection and Anti-Virus - into one product. Although relatively new, it is the next step in the evolution of host-based security products. No longer are you a slave of 'signatures' from vendors - you teach this software what is acceptable behavior for the system it is running on, and it automatically stops everything out of the ordinary (like sending email to everyone on your Contact list ....) Notification of events is sent to a central management station in order to provide event correlation. Most companies with an Intrusion Detection product will support your servers, but there is one that also supports desktops running WinNT/2K and XP. 
 
 
Web/Mail Filtering
 
This is one of the few technologies that most organizations have implemented already, but the updating procedure is often left up to the end user to perform. Some organizations have written scripts or configured the product to automatically check and download signature updates whenever the computer is booted or a user logs in, which is a good thing. Most top executives understand the threat of viruses, because we've all either experienced first hand or know someone that has had to deal with the results of a virus.
 
Today, there are more bad things out there than just viruses. There's spam, which is difficult to stop. There are web-based email clients available for anyone that needs to read email while away from the office, or read their personal mail while at the office without your knowledge.
 
There is also a legal obligation to prevent your personnel from downloading music. Have you read about the successful litigations by the Recording Industry of America? 
 
We have the products to protect you, and more. We will provide you with the detailed reports you need to closely monitor your Internet traffic.
 
Authentication
 
Centralized authentication servers are often overlooked area in favor of Windows Domain authentication or Unix password file authentication (NIS+) However, the larger the organization, the more complex the process of password change management becomes. How many of you have more than one password to remember? We suggest employing technology that ties all of your devices - routers, dial-up servers, network switches, Unix, Windows, and VMS - together to facilitate centralized Authentication, Access Control, and Accounting (AAA) A user changes one password on one device, and it is automatically changed everywhere. You can choose to provide enhanced security hardware (tokens) for those people that need a higher level of security (such as your system administrators) - these tokens generate one time passwords to foil the use of password cracking software (that is always effective given enough time!)  New users can be added to your organizations computer systems in minutes, and then removed when employees leave in less than one minute. No more searching for unused accounts in all those separate systems!