Orange County Computer Consultant

My photo
Orange County Computer Consultant helps small businesses with networking, installations and small business software.

Thursday, May 12, 2011

Orange County Computer Security

Welcome to Orange County Computer Consulant. We specialize in helping small busineses in Orange County secure their data. We can design a custom security solution for your business. We can install encryption software on your laptops to protect your data in case of theft. We also can provide software to scan incoming emails.

We will install anti-virus software to protect against malware and viruses.

Dont wait until it is to late. Give us a call today.

OC Computer Consultant Cisco ASA 5500`

This is a review on the new Cisco ASA 5500.

The Cisco ASA or Adaptive security appliance can use different modules for different security needs.
There are currently four unique modules. They include the firewall module, IPS which is a intrusion protection system. Anti-x module and a VPN (virtual private network) module.

The benefits of this appliance is that modules can be added as your needs grow. All in one device.
There is a business edition provides small to medium businesses with VPN and gateway capabilities.
The firewall module can be implemented to stop corporate users from abusing instant messaging, the
introduction of Spyware and Adware onto the corporate network.It will also protect against external
threats suck as hackers or crackers. Policies can also be set up to block peer to peer file sharing.

The Cisco ASA 5500 can also provide VPN access for remote users. The SSL (Secure Sockets Layer) and
also IPSec protocols can be used to encrypt traffic. Different forms of authentication can be used such as Kerbeos, Microsoft Active directory, LDAP lightweight directory protocol and RSA secure ID.

Everything can be controlled through the Cisco Security Manager, a all in one management platform. I watched a video on this at Cisco's website. I like the interface, you can even see attacks in real time and decide to section off that part of the network. Thats pretty slick. Another way to do this is through MARS, which is Cisco's analysis tool.

There are different modules for different needs Some firewalls can support up to 1.2Gbps.

The Anti-X technology is based on Trend Micros technology to stop threats like viruses, spyware, trojans and worms.

Computer Consultant Orange County: Defense in Depth

Today in business protecting your information is essential. IT managers should be practicing defense in dept to secure their systems.

What is defense in depth? It is using multiple layers of security systems to protect or stop a attack. There are criminals, hackers, organized crime groups, employees and foreign countries trying to access or destroy data. There are many reasons why people do this. It could be used for identity theft, they can threaten to bring down a companies website. They might want to take over your servers to launch denial of service attacks. Foreign countries, terrorists and competition might want trade secrets, or information on military information.

There are many tools attackers have ready to use. How do they get to this information? There are many vulnerabilities they can implement. Here are a few: Rootkits, Remote exploits, buffer overflows, sniffing, session hijacking, social engineering, viruses, trojans, and key stroke loggers.

There are many tools that companies and individuals can use to help mitigate these risks. Intrusion detection and prevention systems can help stop and inform you that there is a possible attack happening. Firewalls and anti virus gateways can help to try to stop attacks and protect against viruses. The firewall must be checked for correct rule sets.Services not in use should have their ports blocked or turned off entirely. Denial of service defense software can be installed to help drop packets before they crash your systems. Your firewall can be configured to do the same.

Hosts in your network should be protected with anti-virus software, spyware removal tools, and personal firewalls.
If your data is really valuable consider hiring an outside firm to do penetration testing and application security testing.
Software updates should be installed frequently on a test server first and then put on your production servers.

Users on the network should be authenticated with a user name and password. The password should be difficult to guess and be alph numeric contain both upper case and lowercase. Passwords should be changed on a regular basis. To protect information on your computers encryption should be utilized with encryption protocols such as DES, 3DES or AES. If you use remote access do not use Telnet Make sure that you are using SSH, or SSL with IPsec.

Users should be educated about possible security risks and trained on the companies security policy. System administrators should be backing up daily and checking their logs for suspicious activity.