Security Assessment - Call (888) 233-6471 for Network Security


Information theft is big business today. Malevolent hackers break into business networks to steal credit card or social security numbers for profit. Small and medium-sized businesses are at risk because they are seen as an easier mark than large corporations. Protecting the perimeter of the network is a good start, but it is not enough, since many information thefts have help from a trusted insider, such as an employee or contractor. Information theft can be costly to small and medium-sized businesses, since they rely on satisfied customers and a good reputation to help grow their business. Businesses that do not adequately protect their information could face negative publicity, government fines, or even lawsuits. For example, new consumer laws enacted in California require any business that suspects customer information has been viewed by unauthorized people to notify ALL their customers. Any security strategy must prevent theft of sensitive electronic information from both inside and outside the business.

Cisco Security Manager (1) Facilitates the configuration and management of Cisco firewalls, VPNs, IPS sensors, and integrated security services, (2) Is ideal for controlling large or complex deployments of Cisco network and security devices, (3) Supports role-based access control and an approval framework for proposing and integrating changes, and (4) Delivers flexible device management options, including policy-based management and methods for deploying configuration changes.

Network Admission Control Appliance (1) Enforces network security policies on all devices by allowing access only to compliant and trusted devices, (2) Blocks access by noncompliant devices and limits the potential damage from emerging security threats and risks, (3) Protects existing investments through third-party management application compatibility and flexible deployment options, and (4) Reduces virus, worm, and unwanted access threats by promoting efficiency and integrating with other Cisco products.

nFX Cinxi One offers you a new, cost-effective approach to security and compliance. Cinxi combines complete log management capabilities with powerful correlation technology, real-time monitoring, and an integrated incident response system, all on one appliance. Cinxi offers organizations of all sizes: (1) In-depth, real-time visibility into your security and compliance posture, (2) Unparalleled speed and performance, (3) Prioritized threat identification, alerting, and remediation guidance, (4) Comprehensive, automated log management reporting for compliance and audit, (5) Extensive on-board log storage with fast access to your event logs, and (6) A simple-to-deploy and easy-to-use solution, all at a fraction of the cost of other products.

A passive attack is characterized by the interception of messages without modification. There is no change to the network data or systems. The message itself may be read or its occurrence may simply be logged. Identifying the communicating parties and noting the duration and frequency of messages can be of significant value in itself. From this knowledge certain deductions or inferences may be drawn regarding the likely subject matter, the urgency or the implications of messages being sent. This type of activity is termed traffic analysis. Because there may be no evidence that an attack has taken place, prevention is a priority. Traffic analysis, however, may be a legitimate management activity because of the need to collect data showing usage of services, for instance. Some interception of traffic may also be considered necessary by governments and law enforcement agencies interested in the surveillance of criminal, terrorist and other activities. These agencies may have privileged physical access to sites and computer systems.

Integrate security testing into the risk management process. Testing can uncover unknown vulnerabilities and misconfigurations. As a result, testing frequencies may need to be adjusted to meet the prevailing circumstances, for example, as new controls are added to vulnerable systems or other configuration changes are made because of a new threat environment. Security testing reveals crucial information about an organization's security posture and its ability to withstand external attack or to avoid significant financial or reputational cost from internal malfeasance. In some cases, the results of the testing may indicate that policy and the security architecture should be updated. Hence, this insight into the security posture of an organization is highly relevant to a well-functioning risk management program.

A vulnerability involves bugs, misconfigurations, or special sets of circumstances that could result in its exploitation. A vulnerability could be exploited directly by an attacker, or indirectly through automated attacks such as Distributed Denial of Service (DDoS) attacks or by computer viruses.

A one-time password (OTP) is a password that is only valid for a single login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in contrast to static passwords, they are not vulnerable to replay attacks. This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he will not be able to abuse it, since it will no longer be valid.

The Cisco Intrusion Prevention System (1) Identifies, classifies, and stops malicious traffic, including worms, spyware, adware, viruses, and application abuse, (2) Delivers high-performance, intelligent threat detection and protection over a range of deployment options, (3) Uses reputation filtering and global inspection to give businesses actionable intelligence and prevent threats with confidence, and (4) Promotes business continuity and helps businesses meet compliance needs.

Network administrators can run the grep command against configuration files pulled from routers and firewalls and stored in a local directory on their workstation (UNIX or Windows), or use the grep functionality built into Cisco IOS or ASA. For example, suppose the auditor wants to check the configuration for all telnet statements. The network administrator can run show running-config | grep telnet and look through each entry (or, without grep, just use include: sh run | i telnet), filter out addresses, and send the output to the auditor.
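The offline variant of that check, as an added example that is not part of the original page: it searches saved configurations for telnet statements, records the parent section that a plain grep loses, and masks IPv4 addresses before the result goes to the auditor. The file names and configuration lines are constructed samples, and find_telnet is a hypothetical helper.

```python
import re

# Constructed sample configurations (not taken from any real device).
SAMPLE_CONFIGS = {
    "edge-rtr1.cfg": """\
hostname edge-rtr1
line vty 0 4
 transport input telnet ssh
 access-class 10 in
""",
    "fw1.cfg": """\
hostname fw1
telnet 192.0.2.10 255.255.255.255 inside
telnet timeout 5
ssh 192.0.2.0 255.255.255.0 inside
""",
}

# Matches dotted-quad addresses and masks alike; both are hidden from the report.
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def find_telnet(configs: dict) -> list:
    """Return (file, line number, parent section, redacted line) per telnet hit."""
    hits = []
    for name in sorted(configs):
        section = ""
        for n, line in enumerate(configs[name].splitlines(), 1):
            if line and not line[0].isspace():
                section = line.strip()        # unindented line opens a section
            if "telnet" in line.lower():
                # Indented hits belong to the last section header seen.
                parent = section if line[0].isspace() else ""
                redacted = IPV4.sub("x.x.x.x", line.strip())
                hits.append((name, n, parent, redacted))
    return hits


if __name__ == "__main__":
    for hit in find_telnet(SAMPLE_CONFIGS):
        print(hit)
```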