WELCOME TO THE SECURITY SECTION
INTRODUCTION TO NETWORK SECURITY
Security is an ever-evolving and growing networking technology—a technology that will likely be needed for generations to come. As the protocols, applications, and user base that communicate over a network change and evolve, so must the security approach that is implemented. Network security requires a holistic approach whereby a single chink in the security armor can equal a significant compromise of intellectual property and result in costly network downtime.
Although network security has been considered important for quite some time, there has been a surge in public interest over the past year or so due to events that have impacted even the least technically savvy person. It seems as if we cannot go a full week lately without hearing that credit card data or personally identifiable information (PII) has inadvertently been leaked (more accurately, stolen) from banks, retail stores, and the like by malicious actors.
Security has become more complex than ever as the motives and capabilities of threat actors (hackers) continue to evolve while allowing the miscreants to often stay (at least) one step ahead of those of us in the network security space. In addition, the concept of location of data is becoming blurred by concepts of cloud computing and content-data networks and global load balancing. As we strive to empower employees around the world with ubiquitous access to important data, it is increasingly important to remain constantly vigilant about protecting data and the entities using it (individuals, businesses, governments, and so on).
Security is important, and the lack of it risks financial, legal, political, and public relations implications. There is no doubt whatsoever the importance of security to any business or organization. Hackers and grown more bolder and smarter and their jobs of hacking has been made even easier because of all the tools easily available to do their job of hacking, we call these novice hackers as script kiddies and they can do a lot of damage. The damage to which a hacker can do depends of the level of skills they have to do the damage from a script kiddie to a seasoned black hat hacker. It has been made even worse due to readily available hacking tools that they use.
We have heard it in the news of this person hacked that company and got credit card info and got away with this amount of money or most recently Russia hacking the USA Democrat party computer systems and releasing sensitive data to Wiki Leaks and all of us getting to know all about it. Or how about the simplest form of hacking know as phishing, a phishing email sent to Hillary Clinton campaign chairman John Podesta may have been so sophisticated that it fooled the campaign's own IT staffers, who at one point advised him it was a legitimate warning to change his password. The stolen email thread, released by WikiLeaks, also provides the most direct evidence yet that the Russian government was behind the damaging hack into the Clinton campaign, according to a private cybersecurity company.
There are two types of people/businesses/organizations when it comes to security, the reactive type and the proactive type. The reactive type don’t take enough or any measures to protect themselves hoping and praying that no one hacks or compromises their systems. But when they are hacked and the damage is done and maybe incurred loses, or even closed shop is when they will take security seriously. The proactive type is always on the look out to discover new improved ways of protecting his/her company/business or organization and always testing the security measures in place to see if they can protect them from the most recent attacks, malware, ransomware and other kinds of breaches. The proactive type doesn't wait to lose money or valuable information before taking measures to protect themselves.
Our job will be helping you to take the proactive approach to security than the reactive one. We will design a security solution that will not only meet your current security need but also one that can anticipate any security breaches or attacks that may be directed at you in the future. It is good not to be one of the statistics in history of those that were hacked and lost valuable data and money but learn from those who have lost important intellectual assets and have incurred losses or even closed shop due to not taking security seriously.
It is paramount for every organization, no matter what size, vertical or not, or whether they are publicly or privately held, to make every effort to protect their data assets. This involves a combination of clearly communicated and effective security policies, employee education, and the technologies to help ensure that the security policies put in place can be enforced.
What ever kind of business or organization you are it is time to start to think seriously about how to secure you digital assets from unwanted individuals and entities. Please talk to us and will be glad to tell you exactly what you need to protect yourself and at the same time given the opportunity we will implement the said security measures. BE SAFE.
A SUMMARY OF SECURITY TECHNOLOGIES THAT WE OFFER
1) Security Design and Network Foundation Protection.
2) Switched Data Plane Security Solutions
3) 802.1X and Identity-Based Switched Data Plane Security Solutions.
4) Cisco IOS Routed Data Plane Security
5) Cisco IOS Control Plane Security.
6) Cisco IOS Management Security.
7) Implementing Network Address Translation (NAT) on IOS.
8) Zone-Based Firewall
9) IOS Based Intrusion Prevention System (IPS)
10) Cisco IOS Virtual Tunnel Interface (VTI)-Based Site-to-Site IPSec VPNs.
11) Dynamic Multipoint VPNS (DMVPNs)
12) Group Encrypted Transport Virtual Private Network (GET VPN)
13) Deploying Remote Access Solutions using SSL VPN on Cisco IOS Routers.
14) Deploying Remote Access Solutions using EZVPNs
15) Preparing a Cisco Adaptive Security Appliance (ASA) Firewall for Network Integration.
16) Managing a Cisco ASA Firewall
17) Network Address Translation (NAT) on the Cisco ASA Firewall
18) Controlling Access Through the ASA Firewall
19) Inspecting Traffic on the Cisco ASA Firewall.
Ø Designing, configuring, and troubleshooting a policy for inspecting OSI Layers 3 and 4
Ø Designing, deploying, and troubleshooting Dynamic Protocol Inspection.
Ø Designing, deploying, and troubleshooting a policy for inspecting OSI Layers 5 through 7
Ø Detecting and Filtering Botnet Traffic.
Ø Using Threat Detection on the ASA Firewall
20) Using Proxy Services on the ASA to control access.
21) Using Transparent Firewall Mode on the Cisco ASA Firewall
22) Creating Virtual Firewalls on the ASA.
23) Deploying High Availability features on the Cisco ASA Firewall
Ø Active-Standby Failover Mode
Ø Active-Active Failover Mode
24) Integrating ASA Services Modules
Ø Installing the ASA AIP-SSM and AIP-SSC
Ø Integrating ASA CSC-SSM
25) Designing, Configuring, and Troubleshooting Policies, Inheritance, and Attributes on the Cisco ASA Firewall in preparation for VPN deployment.
26) Designing, Configuring, and Troubleshooting a Clientless Secure Socket Layer (SSL) VPNs
27) SSL High Availability and Performance.
28) Designing, Configuring and troubleshooting an AnyConnect Remote-Access VPN Solution.
29) AnyConnect High Availability and Performance.
30) Designing, Deploying and troubleshooting Cisco Secure Desktop Solution.
31) Designing, Deploying and troubleshooting Cisco IPSec Remote-Access Client Solutions.
32) Designing, Deploying and troubleshooting Cisco Easy VPN Solutions.
33) High Availability and Performance for Easy VPN.
34) Designing, Deploying and troubleshooting IPSec Site-to-Site VPNs on the ASA
35) High Availability and Performance for IPSec Site-to-Site VPNs on the ASA.
36) Introduction to Cisco Appliance Intrusion Prevention and Intrusion Detection Systems.
37) Cisco IPS Software, Hardware, and Supporting Applications and Network IPS Traffic Analysis Methods, Evasion Possibilities and Anti-Evasive Countermeasures.
38) Network IPS and IDS Deployment Architecture Design.
39) Integrating the Cisco IPS Sensor into the Network.
40) Managing Cisco IPS Devices.
41) Configuring Traffic Analysis and Implementing Cisco IPS Signature and Responses.
42) Deploying Anomaly-Based Operation.
43) Customizing Traffic Analysis and Managing False Positives and False Negatives.
44) Improving Alarm and Response Quality
45) Integrating Cisco IPS with Cisco Security Manager (CSM) and Cisco Security MARS.
46) Using the Cisco IntelliShield Database and Services.
47) Using Cisco IPS Virtual Sensors.
48) Deploying Cisco IPS for High Availability and High Performance.
49) Configuring and Maintaining the Cisco ASA AIP SSM Modules.
50) Configuring and Maintaining the Cisco ISR AIM-IPS and NME-IPS Modules.
51) Configuring and maintaining the Cisco IDSM-2
52) Introduction/Fundamentals of Authentication, Authorization, and Accounting (AAA)
53) Identity Management.
54) EAP over LAN (Also known as 802.1X).
55) Non-802.1X Authentications.
56) Cisco Identity Services Engine (ISE) Architecture.
57) Integrating the Cisco ISE into the network and configuring the Initial Setup.
58) Authentication Policies.
59) Authorization Policies.
60) Implementing Wired and Wireless Authentication.
61) Web Authentication.
62) Deploying Guest Services.
64) Certificate-Based User Authentication.
65) Designing and Deploying BYOD (“Bring Your Own Device”)
66) TrustSec and MACSec
67) Posture Assessment.
68) ISE Scaling and High Availability