Data Leakage! Call PBM IT Solutions at (888) 233-6471

Aside from these malicious security threats, new laws and regulations require that small and medium-sized businesses protect the privacy and integrity of the information entrusted to them. The European Union and many individual countries have legislation governing the protection of personal data in the hands of organizations. Countries have also drafted additional laws governing specific information, such as healthcare information. For example, in the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires health care organizations, including every doctor's office, to put safeguards in place to ensure the privacy of health information and prevent unauthorized access. The onus is on businesses to comply with the laws and regulations that apply to their business in their markets. Unfortunately, many smaller businesses find their resources only stretch so far. Yet customers want assurance that the information they entrust to businesses is kept private. All businesses must take steps to secure their business infrastructure, but small and medium-sized businesses in particular require simple, right-sized, affordable solutions. Cisco has developed a security solution specifically for small and medium-sized businesses (SMB) that incorporates the principles of the Cisco Self-Defending Network.

The Cisco Intrusion Prevention System:
(1) Identifies, classifies, and stops malicious traffic, including worms, spyware, adware, viruses, and application abuse;
(2) Delivers high-performance, intelligent threat detection and protection over a range of deployment options;
(3) Uses reputation filtering and global inspection to give businesses actionable intelligence and prevent threats with confidence; and
(4) Promotes business continuity and helps businesses meet compliance needs.
Cisco Virtual Office:
(1) Extends highly secure, rich, and manageable network services to employees working outside the traditional work environment;
(2) Cost-effectively scales to deployment requirements through standard or express versions;
(3) Includes remote site and head-end systems, remote site aggregation, and services from Cisco and approved partners; and
(4) Delivers an office-caliber experience to staff wherever they're located, with full IP phone, wireless, data, and video services.

In order to provide some level of separation between an organization's intranet and the Internet, firewalls have been employed. A firewall is simply a group of components that collectively form a barrier between two networks. A number of terms specific to firewalls and networking are used:

(1) Bastion host. A general-purpose computer used to control access between the internal (private) network (intranet) and the Internet (or any other untrusted network). Typically, these are hosts running a flavor of the Unix operating system that has been customized to reduce its functionality to only what is necessary to support its functions. Many of the general-purpose features have been turned off, and in many cases completely removed, in order to improve the security of the machine.

(2) Router. A special-purpose computer for connecting networks together. Routers also handle certain functions, such as routing, or managing the traffic on the networks they connect.

(3) Access Control List (ACL). Many routers now have the ability to selectively perform their duties based on a number of facts about a packet that comes to them. This includes things like origination address, destination address, destination service port, and so on. These can be employed to limit the sorts of packets that are allowed to come in and go out of a given network.

(4) Demilitarized Zone (DMZ). The DMZ is a critical part of a firewall: it is a network that is neither part of the untrusted network nor part of the trusted network, but a network that connects the untrusted to the trusted. The importance of a DMZ is tremendous: someone who breaks into your network from the Internet should have to get through several layers in order to succeed. Those layers are provided by various components within the DMZ.

(5) Proxy. This is the process of having one host act on behalf of another. A host that has the ability to fetch documents from the Internet might be configured as a proxy server, and hosts on the intranet might be configured to be proxy clients. In this situation, when a host on the intranet wishes to fetch a web page, for example, the browser will make a connection to the proxy server and request the given URL. The proxy server will fetch the document and return the result to the client. In this way, all hosts on the intranet are able to access resources on the Internet without having the ability to talk directly to the Internet.

Message modification could involve modifying a packet header address for the purpose of directing it to an unintended destination, or modifying the user data.

Ensure that the security policy accurately reflects the organization's needs. The policy must be used as a baseline for comparison with testing results. Without an appropriate policy, the usefulness of testing is drastically limited. For example, discovering that a firewall permits the flow of certain types of traffic may be irrelevant if there is no policy that states what type of traffic or what type of network activity is permitted. When there is a policy, testing results can be used to improve the policy.

Computer systems today are more powerful and more reliable than in the past; however, they are also more difficult to manage.
System administration is a complex task, and increasingly it requires that system administration personnel receive specialized training. In addition, the number of trained system administrators has not kept pace with the increased number of networked systems. One result of this is that organizations need to take extra steps to ensure that their systems are configured correctly and securely, and they must do so in a cost-effective manner.

One form of attack on computing systems connected to the Internet is eavesdropping on network connections to obtain login IDs and passwords of legitimate users [RFC 1704]. Bellcore's S/KEY(TM) one-time password system was designed to counter this type of attack, called a replay attack [RFC 1760]. Several one-time password implementations compatible with Bellcore's S/KEY(TM) system exist. These implementations are increasingly widely deployed in the Internet to protect against passive attacks.

Cisco ASA 5500 Series Adaptive Security Appliances also provide:
(1) An adaptable architecture for rapid and customized security services deployment;
(2) Advanced intrusion prevention services that defend against a broad range of threats; and
(3) Highly secure remote access and unified communications to enhance mobility, collaboration, and productivity.

Network administrators can run the grep command against configuration files pulled from routers and firewalls and stored in a local directory on their workstation (UNIX or Windows), or use the grep statement built into Cisco IOS or ASA. For example, suppose the auditor wants to check the configuration for all telnet statements. The network administrator can run show running-config | grep telnet and look through each entry (or, without grep, just use show running-config | include telnet, abbreviated sh run | i telnet), filter out addresses, and send the output to the auditor.
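As an added example (not code from this page, from Cisco, or from PBM IT Solutions), the following POSIX shell script performs the workstation-side version of the telnet check described above: it greps a directory of saved device configurations, masks IP addresses before the report goes to the auditor, and counts how many devices still permit telnet. The three configuration files are constructed samples, not real device output.

```shell
#!/bin/sh
# Added example: audit saved router/firewall configs for telnet statements.
# The sample configs written by make_sample_configs are constructed for this
# demonstration; they are not from any real device.

make_sample_configs() {
  dir="$1"
  mkdir -p "$dir"
  # IOS-style router that still allows telnet on its vty lines
  cat > "$dir/branch-rtr1.cfg" <<'EOF'
hostname branch-rtr1
line vty 0 4
 transport input telnet ssh
 login local
EOF
  # IOS-style router restricted to SSH (should not appear in the report)
  cat > "$dir/core-rtr1.cfg" <<'EOF'
hostname core-rtr1
line vty 0 4
 transport input ssh
 login local
EOF
  # ASA-style firewall with a telnet management permit statement
  cat > "$dir/edge-fw1.cfg" <<'EOF'
hostname edge-fw1
telnet 10.0.0.0 255.255.255.0 inside
ssh 10.0.0.0 255.255.255.0 inside
EOF
}

# Print "<file>:<line>:<statement>" for every telnet statement across the
# saved configs, masking dotted-quad addresses so the auditor's copy does
# not carry internal addressing.
audit_telnet() {
  grep -in 'telnet' "$1"/*.cfg 2>/dev/null \
    | sed -E 's/[0-9]{1,3}(\.[0-9]{1,3}){3}/x.x.x.x/g'
}

# Count the configs that contain at least one telnet statement.
count_telnet_configs() {
  grep -il 'telnet' "$1"/*.cfg 2>/dev/null | wc -l | tr -d ' '
}

# Stand-alone demonstration on the constructed sample configs.
demo_dir=$(mktemp -d)
make_sample_configs "$demo_dir"
audit_telnet "$demo_dir"
echo "configs permitting telnet: $(count_telnet_configs "$demo_dir")"
rm -rf "$demo_dir"
```

Pointing audit_telnet at a directory of real show running-config captures gives the same report for the auditor, with the address masking already applied.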