today's environment, it is vital that your organization has a
comprehensive security plan. With increasing dependence on distributed
networks, reliance on the Internet, a company becomes more vulnerable to
NesTECH consultants analyze how susceptible your network is to outside
intruders who can sabotage your operations. We do this with our services
listed below, which can find any weak points on your network.
NesTECH Security Services are available to assist you with planning,
design, deployment, and support of wide range of security solutions.
NesTECH is committed to bringing our customers world-class security
solutions, best-of-breed security technologies, and quality service and
I. Network Vulnerability
Locate vulnerabilities in the network security architecture.
vulnerability assessment shows the system's security posture with
respect to specific vulnerabilities. The vulnerability assessment
closely examines the network architecture. The
vulnerability assessment testing methodology developed by NesTECH is
effective on both commercial and government network environments and has
exposed serious vulnerabilities on systems previously accredited for
Penetration Testing (PT)
Demonstrate the ability of a security system to be bypassed.
goal of penetration testing is to determine if the protective controls of
a given host(s) and network can be bypassed. Penetration Testing provides
evidence that vulnerabilities
indeed are exploitable. It brings a dose of reality and intense focus to
the vulnerability assessment. Penetration testing is characterized as
either external or internal to the network. An external penetration test
can be conducted from the following views or combinations of views.
penetration-testing methodology developed by NesTECH has proven to be
very effective in determining the exploitable characteristics of the
identified vulnerabilities in a given network.
Characterize risks to an information system
asset is said to be at risk when a threat agent (hacker, disgruntled
employee, system user, natural event, structural failure, etc.) has the
ability to exploit an asset's vulnerability. It is widely recognized that
attempting to completely remove a threat agent or vulnerability is
impossible for many risk scenarios. Therefore, some form of risk
assessment must be undertaken to characterize the risk environment.
assessments vary based on the system's lifecycle:
stage system development requires analytical threat and vulnerability
Implementation and integration of sub-systems require security testing
and risk scenario hypotheses.
Initial and on-going operational stage requires actual
NesTECH provides risk assessment at all stages of system development and
Execute the installation, integration and testing of security products
NesTECH provides services for the specification, installation,
integration, and testing of security solutions to safeguard customer
network and computing infrastructures. NesTECH security engineers are
trained, certified, and experienced with all major security solutions
Private Networks (VPN)
detection and monitoring controls
filtering controls for e-mail and web
controls (authentication and authorization)
security controls (adaptive scanning)
security implementations, NesTECH provides:
V. Security Policy
Review and Formulation
Develop guidelines and procedures for securing network resources and
security decision-making is based on an organization's security goals.
Security goals are communicated to managers, end users, and operations
staff through a security policy. A security policy is a documented and
formal statement of the governing rules that regulate how an organization
manages, protects, and uses assets. The security policy generally
addresses goals, objectives, beliefs, ethics, controls, and user
responsibilities in the form of high-level and generalized statements.
NesTECH works with designated customer staff to:
existing security policies, both explicitly documented and implied
policies into a customized Security Policy
customer staff on Security Policy
VI. Network Security
Systems Design and Planning
Consult with the customer for a security-enhanced network
Although each design process is unique to the customer, there are several
of security objectives
of security products
design components for effectiveness against project objectives
Security Design Report details the findings, recommendations and
manufacturer's part numbers (when appropriate). Design recommendations
are specific, including expected costs and benefits and may include
recommendations on project objectives and security requirements.
NesTECH performs security engineering design work for large corporate and
government customers, including classified environments.
Security Glossary of Terms