Cisco Network Security Shop - PBM IT Solutions - Call (888) 233-6471
Featured Solution: Cisco Network Security Services
Cisco Network Security Shop offers Cisco Network Security solutions that are customized for your business needs. Call (888) 233-6471 to speak with a Cisco Sales Expert (CSE) who will review your requirements.
With attacks on the rise, businesses and customers need assurance they are protected from the disruption and cost of service outages or corrupted data. The proven Cisco Self-Defending Network is a multifaceted approach that protects businesses from the devastating effects of worms, viruses, cyber-terrorists, and other attacks. Computer viruses, worms, and spyware typically enter businesses via e-mail or IM applications, Web downloads, or file transfers, although sophisticated attacks can enter via mobile wireless services or operating system services.
Industry-leading Cisco Intrusion Prevention Systems (IPSs) scan and inspect all incoming traffic in real time, looking for known irregularities that may signal an attack. If an anomaly is detected, a Cisco security appliance rates the severity of the risk and communicates it to other security-aware network components. This way, they can stop the threat at the source immediately and prevent it from spreading through the network.
Worms, viruses, and spyware aren't the only way businesses can be attacked. Cisco security appliances use the same traffic and application inspection capabilities to detect and repel DoS attacks, or other attacks so new they don't have a name yet. Integrated security throughout the business stops known and unknown attacks in real time, and communication between network components allows them to adapt to changing security conditions. These layers of security allow small and medium-sized businesses to continue to respond to customers and stay open for business even while under attack.
Cisco IronPort Web Security Appliances (1) Integrate industry-leading web-usage controls, reputation filtering, malware filtering, and data security, (2) Take advantage of Cisco Security Intelligence Operations (SIO) and global threat correlation technology to help optimize threat detection and mitigation, (3) Combine multiple layers of web security technology to combat complex and sophisticated web-based threats, and (4) Support built-in management capabilities to simplify administration and provide visibility into threat-related activity.
Cisco TrustSec (1) Provides network access controls based on a consistent policy for users, endpoint devices, and networking devices (such as routers and switches), (2) Uses end-user identity, device identity, and other information to provide precise security policy controls both at the edge and through the network, (3) Is ideal for organizations that need to control how a user or device is granted access, what security policies endpoint devices must meet, and which resources authorized users may access, and (4) Helps secure data paths in the switching environment with IEEE 802.1AE standard encryption and, with Cisco switching infrastructure, maintains control so that critical security applications such as firewalls, intrusion prevention, and content inspection can retain visibility into data streams.
In order to provide some level of separation between an organization's intranet and the Internet, firewalls have been employed. A firewall is simply a group of components that collectively form a barrier between two networks. A number of terms specific to firewalls and networking are used:
(1) Bastion host. A general-purpose computer used to control access between the internal (private) network (intranet) and the Internet (or any other untrusted network). Typically, these are hosts running a flavor of the Unix operating system that has been customized in order to reduce its functionality to only what is necessary to support its functions. Many of the general-purpose features have been turned off, and in many cases completely removed, in order to improve the security of the machine.
(2) Router. A special-purpose computer for connecting networks together. Routers also handle certain functions, such as routing, or managing the traffic on the networks they connect.
(3) Access Control List (ACL). Many routers now have the ability to selectively perform their duties, based on a number of facts about a packet that comes to them. This includes things like origination address, destination address, destination service port, and so on. These can be employed to limit the sorts of packets that are allowed to come in and go out of a given network.
(4) Demilitarized Zone (DMZ). The DMZ is a critical part of a firewall: it is a network that is neither part of the untrusted network, nor part of the trusted network. But this is a network that connects the untrusted to the trusted. The importance of a DMZ is tremendous: someone who breaks into your network from the Internet should have to get through several layers in order to successfully do so. Those layers are provided by various components within the DMZ.
(5) Proxy. This is the process of having one host act on behalf of another. A host that has the ability to fetch documents from the Internet might be configured as a proxy server, and hosts on the intranet might be configured to be proxy clients. In this situation, when a host on the intranet wishes to fetch a web page, for example, the browser will make a connection to the proxy server and request the given URL. The proxy server will fetch the document and return the result to the client. In this way, all hosts on the intranet are able to access resources on the Internet without having the ability to talk directly to the Internet.
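The Access Control List entry above describes filtering on origination address, destination address and destination service port. The following is an added example, not code from this page or from Cisco: it models such a list with first-match evaluation and a final implicit deny, and flags rules that can never fire because an earlier rule already covers them. The addresses, rule set and function names are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "permit" or "deny"
    src: str               # origination network, CIDR form
    dst: str               # destination network, CIDR form
    dport: Optional[int]   # destination service port, None = any port

class Packet(NamedTuple):
    src: str
    dst: str
    dport: int

# Constructed inbound policy for a hypothetical DMZ on 192.0.2.0/24.
INBOUND_ACL = [
    Rule("deny",   "10.0.0.0/8", "0.0.0.0/0",     None),  # private source arriving from outside
    Rule("permit", "0.0.0.0/0",  "192.0.2.10/32", 443),   # HTTPS to the web bastion host
    Rule("permit", "0.0.0.0/0",  "192.0.2.25/32", 25),    # SMTP to the mail relay
]

def evaluate(acl, pkt):
    """Return (action, index of the matching rule); first match wins."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    for i, rule in enumerate(acl):
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and rule.dport in (None, pkt.dport)):
            return rule.action, i
    return "deny", None  # nothing matched: implicit deny

def covers(a, b):
    """True when every packet that rule b matches is also matched by rule a."""
    return (ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
            and ipaddress.ip_network(b.dst).subnet_of(ipaddress.ip_network(a.dst))
            and a.dport in (None, b.dport))

def shadowed_rules(acl):
    """Indexes of rules that can never match because an earlier rule covers them."""
    return [j for j, rule in enumerate(acl)
            if any(covers(acl[i], rule) for i in range(j))]

if __name__ == "__main__":
    for p in (Packet("203.0.113.7", "192.0.2.10", 443),
              Packet("10.1.2.3", "192.0.2.10", 443),
              Packet("203.0.113.7", "192.0.2.10", 22)):
        print(p, evaluate(INBOUND_ACL, p))
```

Running `shadowed_rules` over a list during an audit shows where rule order, not rule content, decides what is filtered.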
Important terms used for describing how data is stored, processed or transmitted to other locations: (1) Confidentiality, in terms of selecting who or what is allowed access to data and systems. This is achieved through encryption and access control systems. Even knowledge of the existence of data, rather than the information that it contains, may be of significant value to an eavesdropper, (2) The integrity of data, where modification is allowed only by authorized persons or organizations. The modifications could include any changes such as adding to, selectively deleting from, or even changing the status of a set of data, (3) The freshness of data contained in messages. An attacker could capture part or all of a message and re-use it at a later date, passing it off as a new message. Some method of incorporating a freshness indicator (e.g. a time stamp) into messages minimizes the risk of this happening, (4) The authentication of the source of information, often in terms of the identity of a person as well as the physical address of an access point to the network such as a workstation, and (5) The availability of network services, including security procedures, to authorized people when they are needed.
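The freshness and integrity terms above can be shown together. This is an added example, not code from this page: a sender binds a time stamp to the payload with HMAC-SHA256, and a receiver rejects altered messages, messages outside an acceptance window, and copies re-used inside that window. The 30-second window, the message layout and all names are assumptions made for the example.

```python
import hashlib
import hmac
import struct

MAX_SKEW = 30  # seconds a message stays acceptable (assumed policy value)
TAG_LEN = 32   # HMAC-SHA256 output size in bytes

def seal(key: bytes, payload: bytes, now: int) -> bytes:
    """Sender: 8-byte big-endian time stamp, payload, then a MAC over both."""
    body = struct.pack(">Q", now) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # MAC tag -> time stamp, kept only while inside the window

    def accept(self, message: bytes, now: int) -> str:
        if len(message) < 8 + TAG_LEN:
            return "malformed"
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"   # payload or time stamp was modified
        (sent,) = struct.unpack(">Q", body[:8])
        if abs(now - sent) > MAX_SKEW:
            return "stale"     # captured message re-used at a later date
        # Drop remembered tags that have aged out; those messages are stale anyway.
        self.seen = {t: ts for t, ts in self.seen.items()
                     if abs(now - ts) <= MAX_SKEW}
        if tag in self.seen:
            return "replay"    # re-used while the time stamp is still fresh
        self.seen[tag] = sent
        return "ok"

if __name__ == "__main__":
    key = b"k" * 32                          # constructed demo key
    msg = seal(key, b"transfer 100", 1000)   # constructed message and clock values
    rx = Receiver(key)
    for clock in (1005, 1010, 1100):
        print(clock, rx.accept(msg, clock))
```

The time stamp alone only narrows the replay window, which is why the receiver also remembers the tags it has accepted within that window.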
Security testing is an essential component of improving the security posture of your organization. Organizations that have an organized, systematic, comprehensive, ongoing, and priority-driven security testing regimen are in a much better position to make prudent investments to enhance the security posture of their systems.
Understand the capabilities and limitations of vulnerability testing. Vulnerability testing may produce many false positives, or it may fail to detect certain types of problems that are beyond the detection capabilities of the tools. Penetration testing is an effective complement to vulnerability testing, aimed at uncovering hidden vulnerabilities. However, it is resource intensive, requires much expertise, and can be expensive. Organizations should still assume they are vulnerable to attack regardless of how good their test results appear.
One form of attack on computing systems connected to the Internet is eavesdropping on network connections to obtain login IDs and passwords of legitimate users [RFC 1704]. Bellcore's S/KEY(TM) one-time password system was designed to counter this type of attack, called a replay attack [RFC 1760]. Several one-time password implementations compatible with Bellcore's S/KEY(TM) system exist. These implementations are increasingly widely deployed in the Internet to protect against passive attacks.
Cisco ASA 5500 Series Adaptive Security Appliances also provide (1) Adaptable architecture for rapid and customized security services deployment, (2) Advanced intrusion prevention services that defend against a broad range of threats, and (3) Highly secure remote access and unified communications to enhance mobility, collaboration, and productivity.
The configuration files tend to be hundreds of pages long and full of confidential information such as passwords and addresses. The solution here is to ask network administrators to provide the output of a script or single command after removing confidential information. This way, the auditor doesn't need to read through a long printout and can focus only on the important information.