Security Services and Products

In today's more dangerous Internet, your Network Security never has been more important. Horizon Network Security specializes in inexpensive but effective mixed-platform Network Security using Linux-based solutions so we have the expertise to ensure that your network looks like Fort Knox or even invisible to an intruder. Non-server systems can appear to vanish from the Internet to prevent attacks, yet can have access to as much of the Internet as your organization requires.

Our services and products include the following:

Firewalls

Adaptive Firewalls (with Cracker Trap(TM))

T1/E1/ISDN Router Capability

24x7 Network Monitoring

Redundant Firewalls/VPNs with Failover capability

Virus and Spam Filtering

Support 24x7

Security Audits

Disaster Recovery Planning

Education

Compromise recovery planning

All of these can be done by a single low-cost, highly reliable, easy-to-maintain Horizon Network Security Linux-based system. We wrote the book on Linux and network security. Let us solve your security problems.

If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

Contact us for help

Adaptive Firewalls with VPN and Failover capability

We can build, install, and configure a highly effective Linux Firewall for a fraction of the cost of specialized hardware yet the Linux Firewall will be just as effective and reliable. Better still, your Linux and Unix system administrators already will know how to maintain it. Our custom designed Firewall rules block virtually all common attacks and scans. Both North American and European power can be accommodated.

Cracker Trap(TM) Adaptive Firewall

Supplement the Firewall with our Cracker Trap (TM) that operates as an Adaptive Firewall. It detects when a cracker is trying to break in and will lock him permanently out of your network in a fraction of a second, forever eliminating him as a problem. It then will notify you via email and/or pager of the action taken. It even can generate audio and visual alerts by playing any sound file on the speakers of the Firewall system or on another system via a secure connection and can flash the lights or other devices via an X10 interface.

It is very customizable and can be programmed with a list of trusted systems to avoid locking them out while still alerting you if they are acting suspiciously and might be compromised. It determines in an unspoofable way what system has tried to attack your network so that the site's system administrator can be notified to get the system shut down or for use in legal actions. It is compatible with almost all other IDS, Firewall, and anti-virus systems.


T1/E1/ISDN Routing

For less than $1000 we can have the Firewall also do T1/E1 routing without having to spend thousands of dollars and too much time administering a Cisco Router. ISDN interfaces also are available at a low cost.

Virtual Private Network

A Virtual Private Network (VPN) capability can be added to your organization's Linux Firewalls in its different offices as well as for telecommuters and travelers. This allows secure communication between your offices, enjoying the low cost of communicating over the Internet with the security of encrypted communication. Our VPN capability is invisible to your people and they do not need to do anything special to enjoy it nor can they defeat it.

Traffic Shaping

Traffic shaping (bandwidth prioritizing and control) is available to prevent Real Audio and Video, browsing of non-work-related sites, or other low priority applications from taking bandwidth away from critical applications. Squid and Squidguard are available to cache commonly accessed pages and block access to undesired pages.

Redundant Fault-tolerant Failover Capability

We offer a fault-tolerant failover capability so that if your primary Internet connection fails, all traffic will be re-routed through a secondary connection. Internet access from your desktop systems, VPN capability between your offices, and Internet access to your servers can be failed over automatically. The failover will be transparent to your VPN sessions. Typically, the primary connection would be T1 and the secondary connection would be ISDN or dialup. Some clients have two separate T1 connections for redundancy.

An additional fault-tolerant failover capability is available so that if a Firewall component fails, a switch to a backup system will happen automatically almost immediately. Even existing sessions will be preserved when this happens.

The Firewall can be further supplemented with automatic 24x7 monitoring of your network, as described below.


Automatic 24x7 monitoring of your systems

No security is perfect. We can monitor your systems 24x7 for problems. We can detect crackers trying to break into your system and repel them.

We can detect if your web server has been defaced within a few minutes and correct it before it is noticed and costs you customers and your reputation. We can detect in a few minutes if any of your systems have crashed or if the network has failed. We can monitor the health of your mail, file, DNS, and other servers too. We can detect if your systems go down, if your DNS data has been changed by crackers, or if your ISP has been taken down by crackers.

We can scan log files automatically for cracker activity or other abnormalities and deal with the situation. Our software automatically pages the responsible people. This allows fast action to be taken. We can take that action for you!


Virus and Spam Filter

We have created our own Enterprise-level Virus and Spam Filter. It filters out known viruses by their binary signatures. Don't be fooled by cheap Virus filters that just check for the easily changed text message that accompanies the real Virus. Ours uses a frequently updated virus signature database delivered to your system in a secure manner four times a day automatically.

It also filters out dangerous extensions, such as .com and .exe, thus preventing most new viruses from infecting you even before they get into the world's master virus signature databases.

The Spam Filter option (also available separately) filters out most spam both by context and by known bad source IP addresses. The context filter recognizes common words and phrases that appear in most spam Subjects, From, and To addresses, as well as the body. The source IP address filter uses a very large, frequently updated database of IP addresses from known spammers, ISPs and organizations that allow their users to send spam, "open mail relays" that are misconfigured to allow spammers to bounce spam mail off of them, and dial-up IP addresses that clearly have no administrative restriction.

The Virus and Spam filter may be installed either on your Linux-based Firewall or on your Linux Mail server. If installed on your Firewall (that we can provide) it will work regardless of whether your mail server runs on Linux, Unix, Windows, Mac, VMS, or any other platform. The Firewall option requires no reconfiguration of any part of your network, including your upstream routers or your mail servers. It is ideal for medium to large organizations where distributed responsibility and mixed platform multiple mail servers would make other options inconvenient.

Its price is quite competitive and its abilities are second to none. Because it runs on a very hardened Linux system, it is unlikely to be compromised. Most Windows Viruses, as the first thing they do, immediately will disable a Windows system's Virus filter and Firewall. This would render your network vulnerable not just to that virus but to any virus or port-based attack.


Support 24x7

We offer telephone and remote login support 24x7 at no extra charge (beyond our standard hourly rate). Most Firewall configuration changes and problems can be resolved remotely and securely without user involvement. No more "type this key then type that key then reboot and repeat". For a fixed monthly fee we will install any security patches that might be needed for your Firewall (though few are) or for your other Linux servers.

We can provide system administration for all of your Linux and Unix systems. Our founder is one of the 162 recognized developers of Berkeley Unix.


Comprehensive security audits of networks and systems

We can provide a comprehensive system audit that includes the following and correct any problems or recommend changes:

Service Analysis

Most Linux systems have a wealth of software installed and running. Many of these are considered insecure. We identify and remove unneeded services, greatly reducing the likelihood of a break-in. Frequently clients do not even realize that they are running insecure yet unused services. This is because all popular Linux distributions install these services automatically without even warning you about the security dangers.

Is your system being used to crack another system? One customer recently received a call from a foreign government as the customer's compromised systems were being used to attack that government's computers. We offer egress filtering when we install Firewalls. This prevents any of your compromised systems from being used to attack other organizations.

Many cracker tools include programs that listen on a known port for commands from the cracker. Their existence is usually masked by installing Trojaned system commands like 'inetd', 'ps', and 'netstat'. The tools we use for detecting services running are of our own design and construction, and have gone through several security audits done by outside auditors. They will find all Trojans.

Network scan

We can scan your network the way the crackers do. This quick non-destructive procedure will determine what they can see and therefore attack. Most clients are shocked at what is accessible from the Internet. This is a valuable starting point for securing the network and making non-servers invisible.

Known Exploit Check

Many Linux and Unix systems are compromised because they are running software that has known exploits. Is your software current? Horizon is familiar with all popular versions of Linux and is an active member in the security community. We wear white hats. Our audit includes an extensive review of your distribution and applies any and all security related patches/upgrades, with your permission, of course.

Services dispersal and configuration for better security

Some services are more likely to be broken into than others. Running these services on the same system with other services that are more critical or which involve confidential or important data risks these other services being compromised too. Moving these "risky" services to different systems will protect the other services against compromise. Sometimes all that is required is minor configuration changes to existing systems to protect against this compromise "domino" effect.

Trojan Detection

Our familiarity with the wealth of Linux distributions available has allowed us to develop kits that quickly match file sizes and checksums of key system commands to determine if they have been compromised by a system cracker.

A common cracker technique is to install Trojaned system commands that send sensitive data to the cracker, or mask the existence of cracker tools.

Virus Detection

While Linux does not suffer the vast security problems that plague Windows (TM) systems, it is not immune. The first high profile worm was developed on Unix systems and replicated through the mail system. Recently, the Ramen Linux worm has attacked Red Hat 6.2 and 7.0 systems, causing web servers to be defaced and made useless until repaired.

Is your system secure? A few minutes of detection each day can save you hours of reconstructive work and embarrassing publicity later. Horizon Network Security can help you choose and install the right solution for your requirements.

Interactive Web Script Analysis

Many exploits of web sites are facilitated through insecure web scripts (CGIs). The staff at Horizon Network Security will examine your scripts for vulnerabilities. In addition to the C programming language, we have expertise in Java, Perl, PHP, Python, Shell and several other popular scripting technologies.


Disaster Recovery planning

We can create a Disaster Recovery plan for your organization. After disaster strikes an organization only those with a well designed plan likely will survive. Insurance on hardware and premises alone is not enough. How long will your business survive without data processing?

Education

We can help bring your System Administrators "up-to-speed" on security, what is dangerous, what policies are needed, how to choose good passwords, how to harden systems, how to prepare for attacks, and how to respond to even successful attacks.


Compromise recovery planning and practice

Do you have a plan to recover from a compromise? How long would it take? What critical services would be down during the recovery? Can these critical services be kept up during the recovery? What important data would be lost during a recovery and can this be prevented? When was the recovery procedure last practiced? Is it out of date? Who would need to be involved in the recovery? Do they have the authority? What if they are on vacation or asleep? What if the local paper calls about the compromise? What if the FBI or the police visit, saying your system was used to break into other systems?

Most people know who to call if their car breaks down but not if their computers are broken into. If crackers succeed in breaking in, we can clean them out. Most crackers operate at night. Sometimes we can clean them out and have the system ready before the start of the business day. We can help you prepare for this prospect so that recovery is quick and less damaging than suffering this without preparation.


Fly-By-Day Consulting, Inc.
d/b/a Horizon Network Security
+1 770-662-8321 10am-6pm M-F U.S. Eastern Time
bobt@verysecurelinux.com

Contact us for pricing and availability.
