FIREWALL/SECURITY

 

In today's environment, it is vital that your organization has a comprehensive security plan. With increasing dependence on distributed networks, reliance on the Internet, a company becomes more vulnerable to security breeches.

 

NesTECH consultants analyze how susceptible your network is to outside intruders who can sabotage your operations. We do this with our services listed below, which can find any weak points on your network.

 

NesTECH Security Services are available to assist you with planning, design, deployment, and support of wide range of security solutions. NesTECH is committed to bringing our customers world-class security solutions, best-of-breed security technologies, and quality service and support.

 

I.  Network Vulnerability Assessment (NVA)

Locate vulnerabilities in the network security architecture.

 

A vulnerability assessment shows the system's security posture with respect to specific vulnerabilities. The vulnerability assessment closely examines the network architecture. The vulnerability assessment testing methodology developed by NesTECH is effective on both commercial and government network environments and has exposed serious vulnerabilities on systems previously accredited for operational use.

II. Penetration Testing (PT)

Demonstrate the ability of a security system to be bypassed.

 

The goal of penetration testing is to determine if the protective controls of a given host(s) and network can be bypassed. Penetration Testing provides evidence that vulnerabilities indeed are exploitable. It brings a dose of reality and intense focus to the vulnerability assessment. Penetration testing is characterized as either external or internal to the network. An external penetration test can be conducted from the following views or combinations of views.

  • Valid Account

  • Zero Knowledge

  • Full Knowledge

The penetration-testing methodology developed by NesTECH has proven to be very effective in determining the exploitable characteristics of the identified vulnerabilities in a given network.

III. Risk Assessment

Characterize risks to an information system

 

An asset is said to be at risk when a threat agent (hacker, disgruntled employee, system user, natural event, structural failure, etc.) has the ability to exploit an asset's vulnerability. It is widely recognized that attempting to completely remove a threat agent or vulnerability is impossible for many risk scenarios. Therefore, some form of risk assessment must be undertaken to characterize the risk environment.

 

Risk assessments vary based on the system's lifecycle:

  • Early stage system development requires analytical threat and vulnerability risk assessment.

  • Implementation and integration of sub-systems require security testing and risk scenario hypotheses.

  • Initial and on-going operational stage requires actual threat-vulnerability pairings.

NesTECH provides risk assessment at all stages of system development and implementation.

IV. Security Implementation 

Execute the installation, integration and testing of security products

 

NesTECH provides services for the specification, installation, integration, and testing of security solutions to safeguard customer network and computing infrastructures. NesTECH security engineers are trained, certified, and experienced with all major security solutions such as:

  • Firewalls

  • Virtual Private Networks (VPN)

  • Intrusion detection and monitoring controls

  • Encryption systems

  • Anti-virus protection

  • Content filtering controls for e-mail and web

  • Access controls (authentication and authorization)

  • Network security controls (adaptive scanning)

  • Audit Controls

For security implementations, NesTECH provides:

  • Equipment acquisition assistance

  • Installation/Configuration

  • Integration/Deployment

V. Security Policy Review and Formulation

Develop guidelines and procedures for securing network resources and critical data

 

Good security decision-making is based on an organization's security goals. Security goals are communicated to managers, end users, and operations staff through a security policy. A security policy is a documented and formal statement of the governing rules that regulate how an organization manages, protects, and uses assets. The security policy generally addresses goals, objectives, beliefs, ethics, controls, and user responsibilities in the form of high-level and generalized statements.

 

NesTECH works with designated customer staff to:

  • Review existing security policies, both explicitly documented and implied

  • Map policies into a customized Security Policy

  • Train customer staff on Security Policy

VI. Network Security Systems Design and Planning

Consult with the customer for a security-enhanced network

 

Although each design process is unique to the customer, there are several common elements.

  •  Analysis of security objectives

  • Design of security architecture

  • Placement of security products

  • Data flow analysis

  • Monitoring plans

  • Testing design components for effectiveness against project objectives

The Security Design Report details the findings, recommendations and manufacturer's part numbers (when appropriate). Design recommendations are specific, including expected costs and benefits and may include recommendations on project objectives and security requirements.

NesTECH performs security engineering design work for large corporate and government customers, including classified environments.

Security FAQ

Security Glossary of Terms

 

Home | Company | Products | Services  | Technology News | FAQJobs |Contact Us | Site Map