External Network Security Assessment (Penetration Testing)
Wed, 09/09/2009 - 22:00 — AdministratorA Network Security Assessment (NSA) is an psuedo hack attempt / penetration test of a network node(s) via the Internet. This test uses all the techniques that hackers use to try to abuse your network.
Description
A NSA utilizes a number of combined tests to scope each IP address for known services and then scopes these services for known flaws and common mis-configurations. Our NSA looks at the entire scope of TCP/IP services running on nodes. It also tests for common Denial of Service techniques, password flaws as well as confusion attacks that can halt your services. Currently our NSA utilizes over 1500+ security checks and is not driven by a 'bot' but an experienced security team with years of experience securing networks. In addition, we implement the latest discovered flaws as they are publicly announced (before if we find them first!) to give you the cutting edge of security assessments.
What Is Tested
The test can be directed to firewalls but more commonly toward network nodes protected by firewalls. A firewall allows only approved traffic to pass through it to internal nodes. A common misconception is that this protects your internal nodes completely. Indeed, by only allowing approved traffic to pass through limits your security liability, but there are many attacks that can use these open traffic paths to penetrate and attack a network. Take Code Red as an example, it attacked port 80 amongst others. Any public web server behind your firewall has to allow this traffic to pass and so would be vulnerable to this attack. A NSA will tell you what, if and how the allowed traffic is a security risk.
How It Works
You supply us with the IP address(es) of the node(s) you would like scanned. If they are external we will undertake the test remotely. Should you want your internal nodes scanned we will come onsite and camp out on a network connection for a while. We will then undertake any remote NSA at somepoint unknown to you during a 7 day (or more for larger scans) window you allow to us. This could take place at any time of the day or night and without warning. Internal nodes will require us to visit your site and connect to your network to complete the scans. The information will then be analyzed and investigated and a report with recommendations drawn up for you.
Banking, Financial & Medical Institutions
This test can help ensure your compliance with the Gramm-Leach Bliley (GLB) Act, also known as the new Privacy Law. The reports can be submitted to FDIC & OCC auditors.
Firewalls
Wed, 09/09/2009 - 22:03 — AdministratorNext Generation Network Security
The X-Guardian is a combination Firewall/Intrusion Detection System/Scanner integrated into a single box solution. This next generation enhanced firewall provides all the features you've come to expect from a firewall whilst adding additional layers of protection by monitoring the traffic that passes in & out of you're network for attacks & data theft.
* Enhanced Firewall
* Intrusion Detection System (IDS)
* Internal Security Scanner
* Bandwidth Graphing
* HTTP/WWW Auditing
* IP / Port Forwarding
* Network Communication Alerts
* Complex Routing Capable
* 24/7 Monitoring Service
The Concept
A firewall limits the traffic that passes in & out of your network but what is protecting the data that is allowed to pass? If you have a public www or email server, traffic has to pass for your web pages to be viewed and your email to be delivered. It is these transports where attackers will gain access if they can! With an Intrusion Detection System you can audit every packet that passes for attack signatures and, based upon your specific needs, block an attack by denying access on a per IP basis.
Internal Data Theft & Abuse
Statistics indicate that a large proportion of data theft happens from internal employees. Monitor the data that leaves your network and identify the sources of your data theft. Have an Acceptable Use Policy? The X-Guardian's proxy services can audit and filter the web traffic data flow enabling you to see who's doing what, where and when.
Seamless Integration
Implement the X-Guardian transparently with IP forwarding (reverse NAT) or port forwarding. Hide and protect your public servers with stateful firewalling and IDS per node basis. Extend the auditing on your network with transparent proxy services.
Internal Security Scanner
Fully customizable, the X-Guardian can be programmed to audit your internal nodes for security flaws & unauthorized services. Using the same base technique as our External Network Security Assessment this robot version can be asked to periodically scan the entire network or portions of as needed. In addition, if an internal node "catches the X-Guardian's eye" it can scan the node automatically and email the results directly to you.
Network Communication Monitoring
Preprogram a list of nodes you would like monitored and the X-Guardian will contact you if connectivity to a given address fails. Get real time notifications on the state of your network communication and monitor network bandwidth with an easy to read historical graphing system.
Complex Routing Capable
Have a large network to manage? Consider using the X-Guardian as a router replacement throughout your network infrastructure and combine the speed & stability of Linux with the protection & auditing of the X-Guardian.
24/7 Monitoring Service
The problem with hackers is that they just don't keep regular office hours. Who's watching your network after hours and on the weekends? Let LSP's security team take over and protect your network.
With a dedicated 24/7 monitoring service team we are able to provide the kind of service other vendors cannot. We have engineers awake and active all night (We also have a large caffeine bill each month) monitoring your networks. Each security event is investigated and responded to fully as it happens. As an attack occurs, even a complex, multi source attack, a real person takes over the defense of your network. If you authorize us, we can even connect to the server being attacked and stop services, we can even apply missing patches to immunize the node against the attack whilst it's occurring. Don't let just anyone protect your network - insist on experienced security engineers monitoring your network security 24/7 and sleep soundly at night.
Interested in this recipe?
Call us - we have a straightforward approach to supporting you.
Internal Network Security Audit
Wed, 09/09/2009 - 22:06 — AdministratorTake the ENSA technology, gather the security team from LSP and let us come and camp out inside your network.
What, Where, When?
The majority of security breaches come from internal sources. This is fact. Give us a network connection inside your network and let us assess the strength of your internal security. We will show you all the holes and security issues inside the network. We then generate a report with recommendations on how to improve or cure security issues. You don't have to use us to fix them but if you need our services we're here to help.
This audit goes beyond the regular IP only services and looks into the nuts and bolts of your network including, but not limited to:-
* Windows DS & Domain Security
* Novell Tree & Bindery
* Linux/Unix Domains
* User & Group Rights
* Network Communication Security
* Firewall Configurations
* Service Packs & Hot Fixes
* Physical & Accessability
* Passwords, Policies & Auditing
* Non-IP Protocols
Lets us audit your network and discover what your security liability is.
Internal Network Security Scanner
Wed, 09/09/2009 - 22:07 — AdministratorThis server takes network security to a whole new level. With an easy to use web interface, program this server to scan and probe your network and generate you reports that have the same information 'hackers' use to attack you using your IP network. See who's doing what, when and where on your internal network.
* Quick IP Portscans
* Complex IP Portscans
* Hacker Level Scans
* Web Interface
* Customizable Reporting Options
* Quick IP Portscans
With a fast and simple scan of a single IP address, lists and multiple ranges, you can 'see' your internal network at a glance. The report allows you to view a list of open ports and their probable related service on each node listed. Programmable for custom time/date runs, you can watch your networks around the clock even when no-one is supposedly at work.
Complex IP Portscans When a node needs further investigation run an indepth scan. Get more accurate service information, OS fingerprinting and more specific details about the node(s) in question.
Automated Hacker Level Scans For your critical nodes and that elusive IP address that no one an find. A full 'hacker' level scan of a node gives you the same information a hacker would have if they were allowed few weeks to research your node. As a security tool, these scans are priceless. See an always current picture of your entire network security and read suggested ways on how to fix. Some of the more common securiuty flaws have step by step instructions on how to immediately resolve the issue. Supporting url links are supplied where applicable allowing you to read further on the type of flaw and attack techniques that utilize it. These scans also detect backdoors & network capable virus infections on a node allowing you to watch for imminent problems before finding out about them the hard way. These scans are updated through a subscription service so you remain current to the latest discovered flaws and techniques.
Web Interface A secure web interface allows you to setup automated scans or run a single job as and when you need it.
Customizable Reporting Options Reports are fully customizable to the format most suitable to your needs and include HTML, plain text, database export, email and console. An Internal Security Scanning Server gives you that eye into your network that you were missing.
Intrusion Detection Systems
Wed, 09/09/2009 - 22:10 — AdministratorEvery computer network should have at least one IDS system installed at the network boundary to protect and audit the data that flows both in and out of the network. The IDS should watch for attacks, data theft and other abuses. For large networks, and those networks with high security concerns, more systems should be deployed to help further protect each internal area.
Our IDS is custom built to fit the needs and functions of your network. Based upon the widely used Snort intrusion detection engine you benefit from an extensively supported and acclaimed IDS that ranks among the top products in it's field. Enjoy many additional custom features that make using Snort in the real world a breeze.
LSP's IDS solutions are deployed in many existing networks and with good reason. We offer a custom deployment promise to implement your IDS solution fully and effectively. We are not just an out-of-the box vendor; we sell you a fully implemented solution, which will effectively enhance the security of your network. Compare us to other IDS vendors and discover why so many customers have already placed their faith in LSP.
Features:
* Real-Time Network Monitoring
o With real-time monitoring you can watch the data that flows around your network and receive prioritized notifications on security, misuse and general issues on your networks. Let the LSP security team install an IDS solution for you and see the expertise that has made us No.1 in tri-state region for network security protection.
* Advanced Detection Rule Sets
o The power of an IDS is in it's rule set. Just like Antivirus software, if you are not up to date with the latest signatures you are vulnerable. Our experience dealing with network security on the frontline enables us to produce advanced & current rule sets that others in the industry just cannot supply. As new attack types are discovered we update the rule sets. Make sure you ask and update your rule sets frequently no matter whom you choose as your IDS vendor.
* Custom Rule Set Authoring
o When science becomes an art form.
Do you have a specific event you want logged or perhaps a specific file or file sets that must not leave specific network segments? As we write our own rules and understand how data moves about networks, let us write you a custom rule set that will enable your IDS to detect your specific network security concerns. We have many existing customers who have solved network related issues and crimes with a custom rule set developed by the security team at LSP.
* Passive or Aggressive Responses
o With a multi layered prioritized system for categorizing each rule hit we are able to offer custom event management and responses. The IDS can be set to block an IP address (aggressive mode) or monitor & report only (passive mode) or any combination of the two.
* Instant Notification & Reporting
o Receive instant, real-time alerts and hourly, daily and weekly reports via email, terminal or web interface. Alert data can also be sent to a database should you need to manage many systems centrally. Single event rules can be written to notify you of any predetermind, custom event. Customized searches of the data can be authored from the web interface.
* Live 24/7 Monitoring Options
o The annoying thing about hackers is that they don't keep office hours. Who's watching your network whilst you sleep?
With a subscription to our 24/7 monitoring service you can sleep soundly, safe in the knowledge that your network is being monitored. Unlike most monitoring services we have security engineers monitoring IDS & other security systems all day and night. Each event is dealt with as and when it happens and based upon an agreed response plan, we react as you would. Benefit from experienced security engineers reacting to attacks as if they were onsite and working for you.
* 'Security Storm' Protection
o With a subscription to our 24/7 Monitoring service you also receive the benefits of our 'Security Storm' Protection. Attacks come in trends and waves, almost like the weather in some respects. With our large base of security systems already deployed & monitored we often see an attack wave starting and can move to block subscribed systems before they begin to be attacked directly. Safety in numbers; batten down the hatches! Unlike Antivirus software, we can contact your system with an update instantly if necessary.
* Routing Capable Installation
o As with most products based upon a Linux kernel, routing capabilities can be built in. If you have a network with translated or routed segments, our IDS can be deployed to give you true protection without 'blind spots' and other common IDS deployment limitations. You may even consider replacing existing routers with our IDS and achieve two tasks with one node.
* Experienced Engineering Team
o The true value of network security is the minds and experience of who designs, implements and monitors it. Install your trust in LSP's security team whose experience stretches back to when network security first became an issue. Call us today and let us show you that we know what we're talking about.
* Free Baseline Monitoring Period
* Real-Time Network Monitoring
The world of Intrusion Detection is a recent addition to network security. There are many flavors of IDS you can opt for. Invest your security with the experts and buy a solution not a one-word answer.
