A firewall is a system designed to prevent unauthorized access to protected systems or computer networks. Firewalls can be implemented with either software or hardware-based solutions. Sometimes a combination of both will be deployed. Firewalls typically limit access to such systems analyzing network traffic and blocking unauthorized or “untrusted” messages from reaching the protected systems.
City Tech Systems provides centrally managed firewall services that can provide IP and/or protocol-based filtering protection for network enabled systems or devices. CTS can assist the System Owner or System Operator for designing the firewall solution to meet the system’s requirements, purchasing hardware (if necessary), configuration, installation, and testing.
Security Operation Center
- Firewall Security Management
- Intrusion Detection/Prevention Systems
- Content Filtering
- Anti-Malware Management
- Secure Configurations
- Media Handling, Classification & Disposal
- Privacy & Data Protection
- Security Information and Event Monitoring
- Vulnerability Management
- Identity Management
- Access Management
- User Administration
City Tech Systems includes the following vulnerability assessments.
- Self Service Vulnerability Assessments allow users to scan the computer they are using immediately. A standard report is made available for download at the completion of the test.
- Full Enrollment includes the same type of assessment, but adds a higher level of assurance through interactive vulnerability analysis and management tools, automation, and customized reporting.
- Customized Vulnerability Assessment – Highly critical systems can request customized vulnerability assessments to complement automated vulnerability assessments. CTS staff work directly with the System Owner and Operator to develop an assessment plan, perform the assessment, and deliver a custom report that identifies risks and potential solutions.
- Penetration Testing – A penetration test is a targeted attempt to accomplish a specific goal such as accessing business critical data. CTS staff work closely with the System Owner and Operator to identify the test’s goals and scope, perform the tests, and deliver a custom report identifying exploitable vulnerabilities in the system’s applications, configuration, and procedures.
IDS & IPS Systems
Layered security is the key to protecting any size network, and for most companies, that means deploying both intrusion detection systems (IDS) and intrusion prevention systems (IPS). When it comes to IPS and IDS, it's not a question of which technology to add to your security infrastructure - both are required for maximum protection against malicious traffic. In fact, vendors are increasingly combining the two technologies into a single box.
At its most basic, an IDS device is passive, watching packets of data traverse the network from a monitoring port, comparing the traffic to configured rules, and setting off an alarm if it detects anything suspicious. An IDS can detect several types of malicious traffic that would slip a typical firewall, including network attacks against services, data-driven attacks on applications, host-based attacks like unauthorized logins, and malware like viruses, Trojan horses, and worms. Most IDS products use several methods to detect threats, usually signature-based detection, anomaly-based detection, and stateful protocol analysis.
The IPS Advantage
At its most basic, an IPS has all the features of a good IDS, but can also stop malicious traffic from invading the enterprise. Unlike an IDS, an IPS sits inline with traffic flows on a network, actively shutting down attempted attacks as they're sent over the wire. It can stop the attack terminating the network connection or user session originating the attack, blocking access to the target from the user account, IP address, or other attribute associated with that attacker, or blocking all access to the targeted host, service, or application.
CTS Systems Security overview
City Tech Systems Security Services address the confidentiality, integrity and availability requirements of the client’s business operations and IT infrastructure.
This is achieved through a flexible combination of management, operational and technical controls, leveraging people, process and technology depending on the client’s risk appetite.