I. Professional Firewall Installation
As part of the Security Infrastructure Design key area, our security
team will plan, develop, and implement a Firewall to protect the client's
network. This package combines the following services:
- Level One External Network audit
- Disksuite disk mirroring (for high availability of the firewall host)
- Installation and configuration of the Firewall-1 software
- Post installation Level One External Network audit
Click here to download a contract in Word97
format.
II. Professional System Audit (per system charge)
As part of the Networks and System Audits key area, our security team
will audit the clients high-end servers. This package is a Level
One (non-intrusive) or Level Two (intrusive) audit of one system, and includes
the following:
- Password integrity check (Crack, etc.)
- Network trust relationship check (SATAN, strobe, etc.)
- System integrity check (COPS, ISS, etc.)
- System weakness exploitation tests
- Results documented
Click here to download a contract in Word97 format.
III. Professional System Armor Installation
As part of the System and Network Armorers key area, our security
team will secure high-end servers. This package contains the following
steps:
- Level One audit (non-intrusive)
- Securing inetd-based services (review necessary services, disable
the
rest, setup logging of inetd)
- Installation of the TCP wrappers package
- Logging of failed login attempts
- Configuration of /etc/ftpusers
- Scan for setuid and setgid programs, note all such programs
- sendmail security configuration (smrsh, spam protection)
Click here to download a contract in Word97 format.
IV. Professional Network Armor Installation
As part of the System and Network Armorers key area, our security
team will secure the client's network. This package includes the
following tasks:
- Level One audit (non-intrusive)
- Router ACL configuration and testing
- WAN link encryption (Cylink, etc.)
- VPN configuration
Click here to download a contract in Word97 format.
V. Professional System Backup Installation
As part of the Disaster Recovery key area, our security team will
develop and implement a backup solution. This package combines the
following services:
- Backup and recovery audit (software, hardware, procedures)
- Backup and recovery procedure creation
- Configuration of backup hardware
- Installation and configuration of backup software (Legato)
- Post installation audit and verification
Click here to download a contract in Word97 format.
Definition of a Level Two Audit
- Intrusive
- Attempt to exploit discovered weaknesses
- Analogy: "A burglar disables the alarm,
breaks a window, gets inside."
Return to Information Security |