C90 is a security appliance that provides vulnerability assessment and monitoring of internal and external network assets through three modules: Insider+, Hackview, and Change Detection+. Insider+ identifies vulnerabilities within internal systems and assesses security risks. Hackview assesses vulnerabilities and risks of external internet assets. Change Detection+ monitors configurations and changes to network components. The appliance provides automated reporting, vulnerability analysis, policy monitoring, and tools to identify security issues and track remediation efforts across an organization's network.

1. C90 Security Appliance
Chameleon Secure Solutions (Pty) Ltd • Reg. No. 2007/032120/07 • Vat No. 4300244029
(o) 011 463 8035 • (f) 086 608 6668 • (w) www.chameleon-ss.com
Bridgeport House • Hampton Park North • 20 Georgian Crescent • Bryanston
Directors • Reinhard Behrens • Christo Boshoff • Possey Mina

2. Chameleon Secure Solutions C90 Security Appliance Confidential
1. Overview
C90 is a Vulnerability Assessment solution providing:
 Reporting on the vulnerabilities of external facing IP assets
 Reporting on the vulnerabilities and security risks associated with internal IP assets
 Change detection and control monitoring on network assets
 Consultancy in respect of issues arising from any of the above
C90 comprises of three modules:
1) Insider+ ( Focuses on vulnerability and risk assessment of internal IP assets)
2) Hackview ( Focuses on vulnerability and risk assessment of external - internet accessible - IP assets)
3) Change Detection+ ( Focuses on the configuration and changes to configuration of network specific components)
2. Insider+ Features & Benefits
FEATURE BENEFIT
1.1 Can identify vulnerability by customer as a whole, geographical location
1. Detect vulnerabilities and or departmentally by IP subnet implementation.
categorize them from Serious to 1.2 Allows customers to prioritise fixing operation.
Informational 1.3 Gives customer a view of the general health of the environment.
1.4 Provide customer with specific solutions for each vulnerability.
1.5 Pick top n-number of faults. Number of instances and by severity.
2.1 Track and remove malicious applications and services from devices
2. Detect open ports and map to
known malicious known services 2.2 Track and remove unauthorised applications and services from devices
3. Installed applications 3.1 Asset applications and licensing management (legal compliance),
standardised setups (compliance to build standards)
4.1 Enables the customer to transact credit card transactions
4. Compare current device status 4.1 Gives the customer a best practice security model
to a policy (e.g. password 4.1 Companies that are PCI compliant are afforded safe harbour by
strength, applications installed Visa/Mastercard.
vs. standard, account enabled
vs. allowed.)
5.1 Protects the company owners/directors from liability from copy write
5. Detect illegal content (MP3, infringement.
videos, sensitive documents by 5.1 Protects the company from malicious content.
keywords, or define document 5.1 Saves the company the loss of time and money due to misuse of disk
name) space and backup resources.
5.1 Enables the company to track the whereabouts and use of sensitive
information. (eg. Credit card information, contracts, costings, etc.)
6.1 License management for OS
6. OS Listing vs. allowed OS 6.1 Standardisation of OS
(service pack installed vs. 6.1 Standardisation of Service Packs for system interoperability
expected) 6.1 Identification of security risks through unpatched systems
7.1 Enables you to identify and manage administrator accounts
7. Number of accounts and UID 7.1 Enables you to get rid of dormant administrator accounts
500 (listed by username)
8.1 Enables the company to protect access to sensitive information
8. Shared directories by device and 8.1 Highlights sharing of undesirable information
content
9.1 Enables the company to identify unauthorised ntp sources
9 Device time stamp management 9.1 Identifies devices with out-of-sync time stamps.
2 of 4

3. Chameleon Secure Solutions C90 Security Appliance Confidential
3. HackView Features & Benefits
FEATURE BENEFIT
1. Highlights vulnerabilities 1.1 Enables you to secure your business from external attacks.
exposed to outside world (on 1.2 Enables you to ensure your customers and suppliers that your
all external facing IP assets) environment is secure from external threat.
1.3 Enables you to comply with security policies and/or regulatory
standards.
2. 24,954 Known vulnerabilities 2.1 Ensures that you are checking against the maximum known number of
from 4 vulnerability engines vulnerabilities and therefore provides you with the most comprehensive
consolidated. test available in the industry.
4. Change Detection+ Features & Benefits
FEATURE BENEFIT
1. Backups – scheduled or on 1.1 Enables you to know your network device configurations are regularly
demand, errors backed up generationally.
1.2 Any devices that failed to backup, you are alerted on and have some
tools to enable you to fix the problem.
1.3 You have access to configurations for rollback purposes.
1.4 You have an audit trail of backed up configurations and configuration
changes available which can be used for internal investigations and
auditors.
2. Scheduled reporting 2.1 Report is automated, therefore creating efficiency and removes the
human element.
3. Operational Tools: 3.1 Convenient operational tools enable customers to quickly and
- Configuration effectively identify, track and fix problems from a single system.
- Diagnostic tools
- Fault resolutions
- Configuration of CSS system for
customer device
4. Comparison of configurations 4.1 Enables you to check of standards and debug a network
environment.
4.2 Enables you to measure deltas between production environment and
disaster recovery environment.
5. Checks for new devices or 5.1 Enables you to manage your environment and ensure you are aware
changes of additions, changes and moves of critical devices.
5. Value Derived From the Service
5.1 Control
 Of who has access to the information within your environment
 Of the security policies in respect of compliance
 Of the security policies in respect of effectiveness
 To enforce your security policies
 To identify and prioritize areas that require remediation
 To identify non business content and its location, such as music and videos files, which either use up company
resources in the form of disk and backup or could put an organization at risk in respect of its illegality
 To identify company information that is stored within the environment and is which is accessible to people within the
organization who should not have access to this shared content such as Price Lists, Contracts, Employee files,
Formulas and the like.
 To measure your environment in respect of improvement or lack thereof through trend analyses
3 of 4

4. Chameleon Secure Solutions C90 Security Appliance Confidential
5.2 Cost
 Operational costs are reduced in respect of product purchasing and training due to the implementation of one
comprehensive solution
 High local content – not dependant on exchange rate
 Reduces the cost to identify issues within an environment
 Access to expensive skills that are not cost effective on a full time basis
 We enable the better protection in respect to liability as a result of information loss and misuse.
 We enable you to litigate in the event of information loss or misuse
5.3 Performance
 Shortened lead time to identifying where and what needs fixing
 Shortened lead time to identify the effectiveness of remediation efforts
5.4 Quality
 Improve quality of the governance of the IT environment
 Improve the quality of the protection of information within an organization
4 of 4