Chameleon Secure Solutions Overview Presentation


Published on

Product and Service Overview

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Chameleon Secure Solutions Overview Presentation

  1. 1. Monday, December 07, 2009<br />Presentation by: ChristoBoshoff<br />12:44:04<br />
  2. 2. Section 1<br />Security: The Lay of the Land<br />12:44:07<br />
  3. 3. Security: The Lay of the Land<br />Viruses<br />Information Theft<br />Legal Liability<br />Section 1<br />12:44:07<br />
  4. 4. Security: The Lay of the Land<br />Section 1<br />12:44:07<br />
  5. 5. Security: The Lay of the Land<br />Percentage Contribution to a Security Solution<br />Section 1<br />12:44:09<br />
  6. 6. Section 2<br />Our Offering<br />12:44:09<br />
  7. 7. Technical Buying Criteria<br />Section 2<br />12:44:09<br />
  8. 8. Value Statement<br />Based on our skills and experience we have the ability to secure your IT environment which will result in:<br /><ul><li>Continually lowering your risk
  9. 9. Tested processes with measurable deliverables at an affordable price
  10. 10. We take the responsibility for the actions required to deliver security
  11. 11. A security policy that is measured and enforceable
  12. 12. This can be delivered anywhere in the world</li></ul>Section 2<br />12:44:09<br />
  13. 13. Our Offering<br />Our offering is:<br />A modular security service, <br />delivered through onsite appliances, <br />in conjunction with centralized<br />intelligence systems <br />and best practice processes, <br />housed in our SOC.<br />Section 2<br />12:44:09<br />
  14. 14. Security Policy Management<br />Through a Co Source Model:<br /><ul><li>We are enabling internal IT to deliver wins
  15. 15. We are enabling them to provide tangible value
  16. 16. We are enhancing their control of their systems
  17. 17. We shorten your time to market
  18. 18. We remove IT security from the critical path in respect of business process implementation and improvement
  19. 19. Integrate with existing security products which results in investment protection</li></ul>Section 2<br />12:44:10<br />
  20. 20. Co Source Model<br />Security Policy Management<br />Our solution is implemented against an existing security policy or against the Chameleon Policy which is inline with the PCI DSS requirements.<br />Section 2<br />12:44:10<br />
  21. 21. PCI Compliance<br />For companies that transact, store or process credit card information our system measures, as a default, for PCI compliance.<br />We have skills in the company with PCI auditing experience and can implement processes and roadmaps that will assist companies to achieve PCI compliance cost effectively.<br />Section 2<br />12:44:10<br />
  22. 22. PCI Compliance<br />PCI DSS 1.x Requirements<br />Section 2<br />12:44:21<br />
  23. 23. Modular Security Appliance<br />Security appliance that resides in your environment and enables us to deliver our security offering in a modular fashion.<br />Assessments are conducted using 4 different threat engines and providing approximately 25 000 different vulnerability checks, more than 4 times our nearest competitors. <br />Section 2<br />12:44:21<br />
  24. 24. C180<br />Security appliance that resides in your environment and enables us to deliver our SOC service in secure and reliable fashion<br />Log file collection are conducted using product agnostic technology. Network and Server / Desktop systems are fully supported regardless of the installed Operating System.<br />Section 2<br />12:44:21<br />
  25. 25. Supported Products<br />Security appliance that resides in your environment and enables us to deliver our security offering in a modular fashion.<br />OPERATING SYSTEMS<br />AIX<br />BSD<br />HPUX <br />Linux<br />Mac OSX<br />NetWare Loadable Module<br />Solaris<br />Windows<br />VIRTUALIZATION<br />Citrix XenServer<br />VMware Virtual Infrastructure VI3<br />VMware ESX Server<br />VMware Virtual Center<br />PROTOCOLS<br />DIG<br />DNS<br />FTP<br />Generic Printer Monitor <br />IRC, RPC<br />Jabber, NNTP, NTP<br />MICROSOFT TECHNOLOGIES<br />Microsoft Active Directory<br />Microsoft Exchange<br />Microsoft IIS<br />Microsoft SQL Server<br />MS Terminal Services<br />Window Services<br />DATABASES<br />MySQL<br />Oracle<br />PostgreSQL<br />SQL Queries<br />SQL Server<br />APPLICATION SERVERS<br />BEA WebLogic<br />ColdFusion MX<br />IBM WebSphere<br />Java Virtual Machine<br />JBoss<br />JMX Enabled Application Servers<br />Tomcat<br />WEB SERVERS<br />Apache<br />Server Load Balancing Virtual Server<br />Squid<br />Web (HTTP) Transactions<br />NETWORK DEVICES<br />AlvarionWiFi , BigIP LTM Virtual Server, BlueCoat<br />Appliances, Brocade Switches, Cisco IP SLA , Cisco Security Appliance, <br />Colubris Wireless, Fortigate, Funkwerk, <br />IronPort Email Security & Relay Appliances , Juniper, <br />LTM Virtual Server, MRV wireless , Netasq, NetScreen, Nortel, Raytalk Wireless, SourceFire<br />HARDWARE, CRM, HELPDESK, LDAP and many more <br />Section 2<br />12:44:25<br />
  26. 26. SOC<br />Security appliance that resides in your environment and enables us to deliver our SOC service in a secure and reliable fashion<br /><ul><li>24 x 7 Manned environment
  27. 27. Reacts to alerts
  28. 28. Processes data to deliver meaningful information
  29. 29. Manages tasks and requests
  30. 30. Interacts with a 24 x 7 Call Centre
  31. 31. Centralized high skills base to react to security alerts
  32. 32. Skills allocated per client for intimate knowledge of customer environment</li></ul>Section 2<br />12:44:25<br />
  33. 33. Section 3<br />How we do it<br />12:44:25<br />
  34. 34. How we do it<br />Section 3<br />12:44:30<br />
  35. 35. Operational Impact<br />Value<br />Cost<br />Section 3<br />12:44:30<br />
  36. 36. Operational Impact<br />
  37. 37. Project Plan Driven<br /><ul><li>Engagements are Project Plan Driven
  38. 38. Deliverables, Timelines and Responsibilities are agreed on with client</li></ul>SAMPLE<br />Section 3<br />12:44:33<br />
  39. 39. Project Plan Driven<br /><ul><li>Engagements are Project Plan Driven
  40. 40. Deliverables, Timelines and Responsibilities are agreed on with client</li></ul>Section 3<br />12:44:33<br />
  41. 41. Focused Operational Meetings<br /><ul><li>Who is responsible for described task
  42. 42. What is the expected completion date
  43. 43. When was actual completion date</li></ul>SAMPLE<br />Section 3<br />12:44:33<br />
  44. 44. Meeting Minutes<br /><ul><li>Minutes are send out and updated before meetings
  45. 45. Updates are communicated and discussed during meeting</li></ul>SAMPLE<br />Section 3<br />12:44:36<br />
  46. 46. Sample Report Summary<br /><ul><li>Overall Company Vulnerabilities Scan Report
  47. 47. Detailed Vulnerabilities Report
  48. 48. Overall Malicious Services Summary
  49. 49. Detailed Malicious Services Report
  50. 50. Detected Administrator Accounts
  51. 51. Overall Company Installed Applications Summary
  52. 52. Detailed Applications Report
  53. 53. PCI Non-Compliance Summary
  54. 54. Detected Shares and Share Content</li></ul>Section 3<br />12:44:36<br />
  55. 55. Sample Report Summary<br /><ul><li>Backup Summary Report
  56. 56. Detailed Configuration Changes report
  57. 57. Network Inventory Report
  58. 58. Network Summary Report
  59. 59. Protocols and Credentials Report</li></ul>Section 3<br />12:44:40<br />
  60. 60. How we meet Technical Buying Criteria<br />Section 3<br />12:44:40<br />
  61. 61. Section 4<br />How we meet the supplier Criteria<br />12:44:40<br />
  62. 62. Supplier Criteria<br />Section 4<br />12:44:43<br />
  63. 63. Powered by Chameleon Secure Solutions<br />Skills and Experience <br /><ul><li>15 Staff with 120 years experience
  64. 64. 7 Graduates including BSC Masters in Data and Information Security
  65. 65. 1 Staff member with Oxford Tertiary education
  66. 66. 3 Professional Engineers, Electronics
  67. 67. 5 Staff with International Experience
  68. 68. Assign consulting resources to align with our re-iterative process
  69. 69. Monitor
  70. 70. Measure
  71. 71. Incident Management
  72. 72. Policy Refinement</li></ul>Section 4<br />12:44:43<br />
  73. 73. International Publications<br />World Comp and IEEE accepted publications<br />We have been invited to publish and present two international academic papers at WORLDCOMP ‘08 and ’09 held in the United States.<br />World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOMP). WORLDCOMP is the largest annual gathering of researchers in computer science, computer engineering and applied computing. It assembles a spectrum of affiliated research conferences, workshops, and symposiums into a coordinated research meeting held in a common place at a common time. This model facilitates communication among researchers in different fields of computer science and computer engineering.<br />IEEE Published article can be found at:<br /><br />Section 4<br />12:44:43<br />
  74. 74. References<br /><ul><li>Zurich Insurance South Africa
  75. 75. Aristocrat
  76. 76. SBV
  77. 77. SAC
  78. 78. Gijima AST
  79. 79. Code Online
  80. 80. L@Wtrust
  81. 81. Bytes Technology Group
  82. 82. South African Post Office
  83. 83. South African Post Bank</li></ul>Section 4<br />12:44:45<br />
  84. 84. Culture<br /><ul><li>Our philosophy in respect of consultants is to measure them in respect of customer satisfaction and we implement incentive schemes based on agreed criteria.
  85. 85. Being a PTY company, we are not governed by the same financial performance criteria as a listed entity and therefore are able to reinvest profit in growing the company.
  86. 86. Being a service consultative based organization with staff bonus schemes and equity participation opportunities we have been able to attract and retain key personnel in this country who otherwise would be tempted to look abroad.
  87. 87. Our differentiation in the market will always be the quality of our staff and we therefore we invest heavily in education, awareness programs and training.</li></ul>Section 4<br />12:44:46<br />