• Save
Chameleon Secure Solutions Overview Presentation
Upcoming SlideShare
Loading in...5
×
 

Chameleon Secure Solutions Overview Presentation

on

  • 327 views

Product and Service Overview

Product and Service Overview

Statistics

Views

Total Views
327
Views on SlideShare
325
Embed Views
2

Actions

Likes
0
Downloads
0
Comments
0

2 Embeds 2

http://www.linkedin.com 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Chameleon Secure Solutions Overview Presentation Chameleon Secure Solutions Overview Presentation Presentation Transcript

  • Monday, December 07, 2009
    Presentation by: ChristoBoshoff
    12:44:04
  • Section 1
    Security: The Lay of the Land
    12:44:07
  • Security: The Lay of the Land
    Viruses
    Information Theft
    Legal Liability
    Section 1
    12:44:07
  • Security: The Lay of the Land
    Section 1
    12:44:07
  • Security: The Lay of the Land
    Percentage Contribution to a Security Solution
    Section 1
    12:44:09
  • Section 2
    Our Offering
    12:44:09
  • Technical Buying Criteria
    Section 2
    12:44:09
  • Value Statement
    Based on our skills and experience we have the ability to secure your IT environment which will result in:
    • Continually lowering your risk
    • Tested processes with measurable deliverables at an affordable price
    • We take the responsibility for the actions required to deliver security
    • A security policy that is measured and enforceable
    • This can be delivered anywhere in the world
    Section 2
    12:44:09
  • Our Offering
    Our offering is:
    A modular security service,
    delivered through onsite appliances,
    in conjunction with centralized
    intelligence systems
    and best practice processes,
    housed in our SOC.
    Section 2
    12:44:09
  • Security Policy Management
    Through a Co Source Model:
    • We are enabling internal IT to deliver wins
    • We are enabling them to provide tangible value
    • We are enhancing their control of their systems
    • We shorten your time to market
    • We remove IT security from the critical path in respect of business process implementation and improvement
    • Integrate with existing security products which results in investment protection
    Section 2
    12:44:10
  • Co Source Model
    Security Policy Management
    Our solution is implemented against an existing security policy or against the Chameleon Policy which is inline with the PCI DSS requirements.
    Section 2
    12:44:10
  • PCI Compliance
    For companies that transact, store or process credit card information our system measures, as a default, for PCI compliance.
    We have skills in the company with PCI auditing experience and can implement processes and roadmaps that will assist companies to achieve PCI compliance cost effectively.
    Section 2
    12:44:10
  • PCI Compliance
    PCI DSS 1.x Requirements
    Section 2
    12:44:21
  • Modular Security Appliance
    Security appliance that resides in your environment and enables us to deliver our security offering in a modular fashion.
    Assessments are conducted using 4 different threat engines and providing approximately 25 000 different vulnerability checks, more than 4 times our nearest competitors.
    Section 2
    12:44:21
  • C180
    Security appliance that resides in your environment and enables us to deliver our SOC service in secure and reliable fashion
    Log file collection are conducted using product agnostic technology. Network and Server / Desktop systems are fully supported regardless of the installed Operating System.
    Section 2
    12:44:21
  • Supported Products
    Security appliance that resides in your environment and enables us to deliver our security offering in a modular fashion.
    OPERATING SYSTEMS
    AIX
    BSD
    HPUX
    Linux
    Mac OSX
    NetWare Loadable Module
    Solaris
    Windows
    VIRTUALIZATION
    Citrix XenServer
    VMware Virtual Infrastructure VI3
    VMware ESX Server
    VMware Virtual Center
    PROTOCOLS
    DIG
    DNS
    FTP
    Generic Printer Monitor
    IRC, RPC
    Jabber, NNTP, NTP
    MICROSOFT TECHNOLOGIES
    Microsoft Active Directory
    Microsoft Exchange
    Microsoft IIS
    Microsoft SQL Server
    MS Terminal Services
    Window Services
    DATABASES
    MySQL
    Oracle
    PostgreSQL
    SQL Queries
    SQL Server
    APPLICATION SERVERS
    BEA WebLogic
    ColdFusion MX
    IBM WebSphere
    Java Virtual Machine
    JBoss
    JMX Enabled Application Servers
    Tomcat
    WEB SERVERS
    Apache
    Server Load Balancing Virtual Server
    Squid
    Web (HTTP) Transactions
    NETWORK DEVICES
    AlvarionWiFi , BigIP LTM Virtual Server, BlueCoat
    Appliances, Brocade Switches, Cisco IP SLA , Cisco Security Appliance,
    Colubris Wireless, Fortigate, Funkwerk,
    IronPort Email Security & Relay Appliances , Juniper,
    LTM Virtual Server, MRV wireless , Netasq, NetScreen, Nortel, Raytalk Wireless, SourceFire
    HARDWARE, CRM, HELPDESK, LDAP and many more
    Section 2
    12:44:25
  • SOC
    Security appliance that resides in your environment and enables us to deliver our SOC service in a secure and reliable fashion
    • 24 x 7 Manned environment
    • Reacts to alerts
    • Processes data to deliver meaningful information
    • Manages tasks and requests
    • Interacts with a 24 x 7 Call Centre
    • Centralized high skills base to react to security alerts
    • Skills allocated per client for intimate knowledge of customer environment
    Section 2
    12:44:25
  • Section 3
    How we do it
    12:44:25
  • How we do it
    Section 3
    12:44:30
  • Operational Impact
    Value
    Cost
    Section 3
    12:44:30
  • Operational Impact
  • Project Plan Driven
    • Engagements are Project Plan Driven
    • Deliverables, Timelines and Responsibilities are agreed on with client
    SAMPLE
    Section 3
    12:44:33
  • Project Plan Driven
    • Engagements are Project Plan Driven
    • Deliverables, Timelines and Responsibilities are agreed on with client
    Section 3
    12:44:33
  • Focused Operational Meetings
    • Who is responsible for described task
    • What is the expected completion date
    • When was actual completion date
    SAMPLE
    Section 3
    12:44:33
  • Meeting Minutes
    • Minutes are send out and updated before meetings
    • Updates are communicated and discussed during meeting
    SAMPLE
    Section 3
    12:44:36
  • Sample Report Summary
    • Overall Company Vulnerabilities Scan Report
    • Detailed Vulnerabilities Report
    • Overall Malicious Services Summary
    • Detailed Malicious Services Report
    • Detected Administrator Accounts
    • Overall Company Installed Applications Summary
    • Detailed Applications Report
    • PCI Non-Compliance Summary
    • Detected Shares and Share Content
    Section 3
    12:44:36
  • Sample Report Summary
    • Backup Summary Report
    • Detailed Configuration Changes report
    • Network Inventory Report
    • Network Summary Report
    • Protocols and Credentials Report
    Section 3
    12:44:40
  • How we meet Technical Buying Criteria
    Section 3
    12:44:40
  • Section 4
    How we meet the supplier Criteria
    12:44:40
  • Supplier Criteria
    Section 4
    12:44:43
  • Powered by Chameleon Secure Solutions
    Skills and Experience
    • 15 Staff with 120 years experience
    • 7 Graduates including BSC Masters in Data and Information Security
    • 1 Staff member with Oxford Tertiary education
    • 3 Professional Engineers, Electronics
    • 5 Staff with International Experience
    • Assign consulting resources to align with our re-iterative process
    • Monitor
    • Measure
    • Incident Management
    • Policy Refinement
    Section 4
    12:44:43
  • International Publications
    World Comp and IEEE accepted publications
    We have been invited to publish and present two international academic papers at WORLDCOMP ‘08 and ’09 held in the United States.
    World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOMP). WORLDCOMP is the largest annual gathering of researchers in computer science, computer engineering and applied computing. It assembles a spectrum of affiliated research conferences, workshops, and symposiums into a coordinated research meeting held in a common place at a common time. This model facilitates communication among researchers in different fields of computer science and computer engineering.
    IEEE Published article can be found at:
    http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4696131
    Section 4
    12:44:43
  • References
    • Zurich Insurance South Africa
    • Aristocrat
    • SBV
    • SAC
    • Gijima AST
    • Code Online
    • L@Wtrust
    • Bytes Technology Group
    • South African Post Office
    • South African Post Bank
    Section 4
    12:44:45
  • Culture
    • Our philosophy in respect of consultants is to measure them in respect of customer satisfaction and we implement incentive schemes based on agreed criteria.
    • Being a PTY company, we are not governed by the same financial performance criteria as a listed entity and therefore are able to reinvest profit in growing the company.
    • Being a service consultative based organization with staff bonus schemes and equity participation opportunities we have been able to attract and retain key personnel in this country who otherwise would be tempted to look abroad.
    • Our differentiation in the market will always be the quality of our staff and we therefore we invest heavily in education, awareness programs and training.
    Section 4
    12:44:46