Online Auction System
ESDA Code Generator
Online Shopping Cart
Web Site Design
As a software engineering company, Accelix has a strategic view toward
network security. Because the software we write must also run over
insecure networks in many instances, we understand the means hackers use
to exploit networks and gain access to systems and applications. We build
code into our applications to address known exploits, and we know how
to write code to prevent hackers from abusing our software.
It takes more than just well-written applications to secure a network.
Despite good procedures and strong firewalls, machines on the inside of
a network can still be vulnerable to spyware, viruses, and backdoors.
Because of this, good network security is more than just a firewall.
Good network security means understanding which services are vulnerable
and implementing strategies to address those areas. In general, you
need several elements to have an adequate level of network security:
We can help you put together a plan that will guide your company toward a
better network security strategy, and we can provide the experienced staff
to implement, configure, and train for that strategy. If you would like
to know more about Accelix's network security services and how we can help
you secure your company's network from hackers and mal-ware, send email to
or call us at 301-572-2908.
- Packet Filtering - Packet filters should be deployed at
the Internet egress router to deny access to ports with known
security issues. Filters should allow only known services with
a "deny all" policy for unused services.
- Network Isolation - The corporate network should have
at least two layers of networks: a "DMZ" network that allows
specific services be accessed from the general network, such as
domain name services, general web hosting, and email access; and
an internal network that is protected by a strong internal firewall.
- Internal Firewall - A good internal firewall should conceal
internal IP addresses, prevent unsolicited inbound connections,
and perform stateful inspection of common protocols (email, web,
and others) to filter potential exploits.
- Software and Hardware Inventory - A database should be
maintained on every piece of hardware and software deployed on
the corporate network. Hardware should include the MAC address
of any network interface and the type and revision level of each
operating system. Every software application on every system
should be know, including its revision level, licensing, and
maintenance requirements (if any). Routine software inventories
should be run to identify unauthorized applications. This data
should be able to identify each and every system on the network
that is affected when a new vulnerability is announced.
- Software Updates - Procedures should be put in place to
keep software updated against reported vulnerabilities. Update
information should be maintained in a log.
- Monitoring and Reporting - The network should be monitored
for unidentified MAC addresses, unexpected network services, exploit
attempts, network resource usage, and other anomalies. The data
should be summarized and reported on a regular basis and alerts
should be delivered immediately.
- Virus and Spyware Protection - All computers on the network
should have active virus and spyware protection. This data should
be updated at regular intervals and users should be instructed on
procedures to protect their systems using these tools.
- Early Warning - The network security administrator should
subscribe to several software vulnerability services in order to
keep informed of problems, new viruses, and vulnerabilities.
- Review and Revise - Network security policies and procedures
should be reviewed at least every three months to evaluate areas of
vulnerability. You need to know what works, what needs improvement,
and what is creating problems. As exploits and vulnerabilities
change, so must your security strategy. Network security is an