Security Implementation
- IT and network security solutions for businesses
Network Security Architecture Design:
Security is a major concern for any network
manager or user. There is more to security than just buying
and installing hardware and software products. It is of
paramount significance that companies gain a valuable understanding
of the level of effort needed and life cycle management
issues involved in developing and maintaining robust security
architectures. Network Security implementation with NIVID
ensures that our clients are aware of how the security procedures
implemented meet their organisation’s business objectives
and test their configuration during each stage of development.
Concerns range from unauthorized access to or tampering
with personal or sensitive data through to the malicious
damage that may be caused by a virus. These problems become
of particular concern when connection is made to the internet.
A number of simple devices may suffice for many applications,
such as passwords, PINs, secure bridges etc. These measures
can provide local security but do nothing to protect user
data while it is in transit over the network. As most of
our clients are small to medium-sized businesses (SMBs),
this section concentrates on security in those companies.
In order to understand the IT and network
security environment, and how best to deal with it, it is
necessary to define some terms, and describe the kinds of
threats and security solutions that exist today.
Vulnerabilities
Vulnerabilities are known (or newly found)
security holes that exist in software. An example is a buffer
overflow, which occurs when a software product fails to
handle input that exceeds the allowed amount of data or
contains unexpected characters. Vulnerabilities can exist in
software running on PCs, servers, communications equipment
such as routers, or almost any device running software. Not all
vulnerabilities are created equal: some will cause the program
affected to crash (which can lead to a denial of service
condition on the affected system), or cause a reboot, or
in the worst case, they can allow the attacker to gain root
or administrative access to the affected system. Upon discovery
of a vulnerability, the software vendor will (hopefully quickly)
develop a fix, or software patch, and make it available
to all users.
Threats or attacks
One useful way to categorize security threats
or attacks is to look at the intent. A directed attack is
one aimed at a single company, for example a company attempting
to hack into a competitor's network. A mass attack is usually
a virus or worm that is launched onto the Internet, and
that replicates itself to as many systems as possible, as
quickly as possible. Attacks may come from outside of a
company, or a company insider may carry them out.
Viruses
Viruses are generally carried within e-mail messages, although
they are anticipated to become a security problem for instant
messaging traffic as well. Users unknowingly cause the virus
to execute as a program on their system when they click
on an attachment that runs the virus program. Virus writers
go to great lengths to disguise the fact that the attachment
is in fact a virus. Viruses also attempt to spread by sending
themselves to all of the e-mail addresses that they can find
on an infected system. An example of a well-known
virus is the Bagle family of viruses (there have been many
versions of this virus). These viruses contain their own
e-mail server, so that they can replicate by sending e-mail
to all mail addresses that they harvest from the compromised
system.
Worms
Worms are very similar to viruses in that
they are computer programs that replicate themselves and
that often, but not always, contain some functionality that
will interfere with the normal use of a computer or a program.
The difference is that unlike viruses, worms exist as separate
entities; they do not attach themselves to other files or
programs. A worm can spread itself automatically over the
network from one computer to the next. Worms take advantage
of automatic file sending and receiving features found on
many computers. An example of a worm is the Blaster worm,
which rapidly spread through the Internet in August 2003.
Blaster targeted computers running Windows operating systems,
and used a vulnerability in Remote Procedure Call (RPC) code.
Trojan horses
As the name implies, these are software
programs that are put onto target systems (whether by a
direct hack, or as the result of a virus or worm) that have
a malicious intent. The Trojan can capture passwords, or
provide root access to the system remotely.
Denial of service attacks (DoS)
A denial of service attack attempts to
put the target site out of operation, frequently by flooding
the site with bogus traffic thus making it unusable.
Spam
Spam is not a security threat per se, but
spam techniques are increasingly being used to deliver malicious
software. Spam can also be used to launch “phishing”
attacks, which attempt to elicit confidential personal information
(bank account information, credit card information, etc.)
as a means to steal identity, or cause financial harm.