No firewall, anti-virus software or intrusion prevention system can protect a network with inherent design flaws. Network designs that were developed prior to the need for extensive security, or have not kept pace with the growth of the company's infrastructure, will most likely need review and redesign.

In the present day of hackers and legislated compliances, designing the network securely and maintaining a level of invulnerability can prove to be quite a challenge even for the most experienced network engineer.

If you are looking to rebuild your network or just preparing the company for specific compliance, NetSieben can help with this transition. Our engineers are experienced with complex network environments and can handle tasks like Firewall deployment in HA environment, full mesh Active-Active configurations of firewall clusters, hub-and-spoke VPN deployments, VPN failover groups.

| Perimiter Firewalls | Segment Segregation | Redundancy |
| Virtual Private Networks | Intrusion Prevention Systems |
| Securing Wireless |

The most important part of your network is the perimeter firewall/s. These devices are responsible for filtering all traffic to and from Internet. They are first point of defense against malicious traffic.

Installation of unsuitable hardware or bad configuration practices can cripple the entire network and result in data and financial loss.

NetSieben will examine the network, considering such parameters as the size of the company, the number of remote offices, traffic requirements and the company's policies. NetSieben also considers the uptime requirements and future network needs. Our aim is to match the security hardware with the network environment and the company's future growth.

back to top

It is important to understand that different departments in a large company will require different levels of security. For example the department dealing with financial transactions or personal information is required to meet compliance regulations and have stricter controls over data access.

NetSieben can help determine the best way to segment a network, applying proper rule sets correctly and limit inter-segment traffic, such that each department will have access only to information to which they are restricted.

Properly segmented networks make it much easier to implement additional protective measures such as intrusion prevention systems or network anti-virus.

back to top

If a business depends on the network and the Internet connection being up 24/7, it will want to avoid the perimeter firewall being a single point of failure. For this reason different High Availability standards are used in the market. Probably the most popular of them is VRRP (Virtual Router Redundancy Protocol).

NetSieben can configure the firewalls for fail-over using different proprietary redundancy protocols, and integrate them into redundant switching environment.

back to top

If a company has remote offices or mobile users that require access to shared resources, it can easily accomplish this objective by using VPN (Virtual Private Network) technology. NetSieben designs and deploys remote VPN clients on user laptops, so staff can safely conduct business on the road.

NetSieben can also design and deploy one global network, where branch offices interact with the main office while remaining safe from the threats associated with traffic traversing the Internet. NetSieben can configure complex hub and spoke or full mesh environments, with VPN fail-over groups, ensuring 24/7 secure communication.

back to top

Firewalls cannot protect a network environment from all threats. Even if a firewall has anti-virus checking, basic packet reassembly and protocol checking, it still cannot effectively protect the network from malicious activity originating from within the private network.

Intrusion Prevention Systems (IPS) bridge the gap between firewalls and the end point security. IPS examines every packet for malicious traffic signatures,protocol anomalies and other unusual network activity that passes through it. IPS system can be configured to drop all traffic deemed malicious or unusual, or just monitor the flow and alert administrators when suspicious traffic is detected.

NetSieben can assess networks and deploy IPS systems at the most important points in the network, providing additional level of security.

back to top

The inherent security risks in wireless technology are well known. Most modern wireless access points deploy primitive security measures such as MAC based access filters or WEP encryption. The majority of these measures can be easily circumvented or broken.

If wireless deployments are required in the business, NetSieben will design a secure wireless network, properly segregating and segmenting the network, applying strict security policies to restrict access to sensitive data.

NetSieben will recommend the most secure wireless equipment available, which utilizes a broader set of wireless authentication and privacy mechanisms.

For more information or pricing please call us at (303) 543-0300 or fill out this secure form.

back to top