Alan Doherty [Rated By ICRA] Level Double-A conformance icon, W3C-WAI Web Content Accessibility Guidelines 1.0
Valid CSS! Valid HTML 4.01 Strict

Some Network/Security Services I Can Provide

Wan design

I can advise on issues such as suitability of equipment, configuration, redundancy and cost-effective solutions. I can also document the existing design in such a way as to allow rapid configuration of replacement equipment in the case of equipment failure. I can also perform Wan 'Tuning' {filtering of unwanted chatter between networks} to decrease unnecessary load on expensive leased lines. I can also configure most equipment to interoperate with others of different manufacturers.

Internet security

I have built some of the most stable checkpoint firewalls on both windows and linux, over the past 10 years i have probably installed several hundreds. I have also continued to install cisco pix/ASA devices on a regular basis. I am also familiar with a range of other true and pseudo firewalls and can easily advise on what is appropriate for your needs. I can also advise on altering the rule base for increased throughput, security.

Server Configuration

I can advise on suitability of different types of OS or server-application. I can analyse the potential points of attack in current configuration and provide details on steps necessary to harden. I can install and harden most OS's, and have a range of modifications that can be made to aid in creating audit trails and system alerts.

External Security Audit

Basic penetration test based audit of services and vulnerabilities on your systems that are currently exposed to the internet.

Gateway security audit

Include same as above, but additionally configuration of the firewall/gateway device is analysed, and analysis is done on all internet visible services and bastion routers as well.

Selective audit

You define the additional scope, normally involves the entire Gateway security audit plus a few extra systems.

Full Security Audit

Configuration of all hosts {servers firewalls routers workstations etc.} is checked for potential vulnerabilities.
Remember: most hacks originate from inside the organisation

Standardisation of server builds

I use a large selection of self developed freeware tools/scripts that make it nearly impossible to overlook a particular area of configuration, and make the configurations more uniform to ease the burden of support.

Remote Systems Administration

I can {for a tiny monthly retainer} keep copies of your systems configuration, and configure them to be administered remotely by myself, {this is all the retainer is for} then Upon request make whatever changes you need made to the relevant systems {each change is charged for but at a lower cost than an unsupported customer}. {this is only available as an option on certain systems and in cases where it is possible to do this without risking a security compromise} common examples are anything on linux {usually checkpoint, sendmail, exim, apache or samba} most routers, cisco pix/ASA, checkpoint on nokia, most integrated devices and all windows servers {requires the customer to be available to initiate my connection, as leaving windows vnc/rdp available to outside connection is vulnerable to brute-force attack}.
This service is very useful for the devices like firewalls and routers that should not need many alterations but could result in catastrophe if re-configured incorrectly.

Last updated July. 2002 Alan Doherty