Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

C90 Security Service

329 views

Published on

C90 Security Appliance

  • Be the first to comment

  • Be the first to like this

C90 Security Service

  1. 1. C90 Security Appliance Chameleon Secure Solutions (Pty) Ltd • Reg. No. 2007/032120/07 • Vat No. 4300244029 (o) 011 463 8035 • (f) 086 608 6668 • (w) www.chameleon-ss.com Bridgeport House • Hampton Park North • 20 Georgian Crescent • Bryanston Directors • Reinhard Behrens • Christo Boshoff • Possey Mina
  2. 2. Chameleon Secure Solutions C90 Security Appliance Confidential 1. Overview C90 is a Vulnerability Assessment solution providing:  Reporting on the vulnerabilities of external facing IP assets  Reporting on the vulnerabilities and security risks associated with internal IP assets  Change detection and control monitoring on network assets  Consultancy in respect of issues arising from any of the above C90 comprises of three modules: 1) Insider+ ( Focuses on vulnerability and risk assessment of internal IP assets) 2) Hackview ( Focuses on vulnerability and risk assessment of external - internet accessible - IP assets) 3) Change Detection+ ( Focuses on the configuration and changes to configuration of network specific components) 2. Insider+ Features & Benefits FEATURE BENEFIT 1.1 Can identify vulnerability by customer as a whole, geographical location 1. Detect vulnerabilities and or departmentally by IP subnet implementation. categorize them from Serious to 1.2 Allows customers to prioritise fixing operation. Informational 1.3 Gives customer a view of the general health of the environment. 1.4 Provide customer with specific solutions for each vulnerability. 1.5 Pick top n-number of faults. Number of instances and by severity. 2.1 Track and remove malicious applications and services from devices 2. Detect open ports and map to known malicious known services 2.2 Track and remove unauthorised applications and services from devices 3. Installed applications 3.1 Asset applications and licensing management (legal compliance), standardised setups (compliance to build standards) 4.1 Enables the customer to transact credit card transactions 4. Compare current device status 4.1 Gives the customer a best practice security model to a policy (e.g. password 4.1 Companies that are PCI compliant are afforded safe harbour by strength, applications installed Visa/Mastercard. vs. standard, account enabled vs. allowed.) 5.1 Protects the company owners/directors from liability from copy write 5. Detect illegal content (MP3, infringement. videos, sensitive documents by 5.1 Protects the company from malicious content. keywords, or define document 5.1 Saves the company the loss of time and money due to misuse of disk name) space and backup resources. 5.1 Enables the company to track the whereabouts and use of sensitive information. (eg. Credit card information, contracts, costings, etc.) 6.1 License management for OS 6. OS Listing vs. allowed OS 6.1 Standardisation of OS (service pack installed vs. 6.1 Standardisation of Service Packs for system interoperability expected) 6.1 Identification of security risks through unpatched systems 7.1 Enables you to identify and manage administrator accounts 7. Number of accounts and UID 7.1 Enables you to get rid of dormant administrator accounts 500 (listed by username) 8.1 Enables the company to protect access to sensitive information 8. Shared directories by device and 8.1 Highlights sharing of undesirable information content 9.1 Enables the company to identify unauthorised ntp sources 9 Device time stamp management 9.1 Identifies devices with out-of-sync time stamps. 2 of 4
  3. 3. Chameleon Secure Solutions C90 Security Appliance Confidential 3. HackView Features & Benefits FEATURE BENEFIT 1. Highlights vulnerabilities 1.1 Enables you to secure your business from external attacks. exposed to outside world (on 1.2 Enables you to ensure your customers and suppliers that your all external facing IP assets) environment is secure from external threat. 1.3 Enables you to comply with security policies and/or regulatory standards. 2. 24,954 Known vulnerabilities 2.1 Ensures that you are checking against the maximum known number of from 4 vulnerability engines vulnerabilities and therefore provides you with the most comprehensive consolidated. test available in the industry. 4. Change Detection+ Features & Benefits FEATURE BENEFIT 1. Backups – scheduled or on 1.1 Enables you to know your network device configurations are regularly demand, errors backed up generationally. 1.2 Any devices that failed to backup, you are alerted on and have some tools to enable you to fix the problem. 1.3 You have access to configurations for rollback purposes. 1.4 You have an audit trail of backed up configurations and configuration changes available which can be used for internal investigations and auditors. 2. Scheduled reporting 2.1 Report is automated, therefore creating efficiency and removes the human element. 3. Operational Tools: 3.1 Convenient operational tools enable customers to quickly and - Configuration effectively identify, track and fix problems from a single system. - Diagnostic tools - Fault resolutions - Configuration of CSS system for customer device 4. Comparison of configurations 4.1 Enables you to check of standards and debug a network environment. 4.2 Enables you to measure deltas between production environment and disaster recovery environment. 5. Checks for new devices or 5.1 Enables you to manage your environment and ensure you are aware changes of additions, changes and moves of critical devices. 5. Value Derived From the Service 5.1 Control  Of who has access to the information within your environment  Of the security policies in respect of compliance  Of the security policies in respect of effectiveness  To enforce your security policies  To identify and prioritize areas that require remediation  To identify non business content and its location, such as music and videos files, which either use up company resources in the form of disk and backup or could put an organization at risk in respect of its illegality  To identify company information that is stored within the environment and is which is accessible to people within the organization who should not have access to this shared content such as Price Lists, Contracts, Employee files, Formulas and the like.  To measure your environment in respect of improvement or lack thereof through trend analyses 3 of 4
  4. 4. Chameleon Secure Solutions C90 Security Appliance Confidential 5.2 Cost  Operational costs are reduced in respect of product purchasing and training due to the implementation of one comprehensive solution  High local content – not dependant on exchange rate  Reduces the cost to identify issues within an environment  Access to expensive skills that are not cost effective on a full time basis  We enable the better protection in respect to liability as a result of information loss and misuse.  We enable you to litigate in the event of information loss or misuse 5.3 Performance  Shortened lead time to identifying where and what needs fixing  Shortened lead time to identify the effectiveness of remediation efforts 5.4 Quality  Improve quality of the governance of the IT environment  Improve the quality of the protection of information within an organization 4 of 4

×