Home

Firewalls are one of the most important principles of network security. Firewalls basically secure different network segments by deciding the fate of the network-transfered packets using firewall rulesets.

Segments to be separated include the internet (WAN), the intranet (LAN) and the demilitarized zone (DMZ) for servers to be reachable from the internet in a secure manner.

A VPN is a private communications network usually used within a company, or by several different companies or organizations, to communicate over a public network. VPN message traffic is carried on public networking infrastructure (e.g. the Internet) using standard (often insecure) protocols, or over a service provider's network providing VPN service guarded by well defined Service Level Agreement (SLA) between the VPN customer and the VPN service provider.

A proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services.

A Proxy Server makes sense wherever there are more than one computer that share the internet access. Results are e.g. a enourmous speed-advance and a reduction of traffic (costs). Additionally if you wish, its possible to filter out certain content on certain client computers using Content Filtering.

Linux offers an inexpensive and stable alternative in the server sector for every enterprise, compared to Microsoft Windows or UNIX operating systems.

We favorize Debian GNU Linux, but if you wish we install Mandrake, Redhat, Gentoo, SuSE and other Linux Distributions according to your individual requirements.

We offer two different kinds:

• An intrusion detection system (IDS) serves in logging illegal access attempts on and to computers and storing valuable information about exchanged data. This offers on one hand data storage (e.g. for later pursuit in court), on the other hand the creation of powerful statistics about attackers.
• An intrusion prevention system is any device which exercises access control to protect computers from exploitation. "Intrusion prevention" technology is considered by some to be an extension of intrusion detection (IDS) technology, but it is actually another form of access control, like an application layer firewall.

In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information or a resource that would be of value to attackers.

A computer cluster is a group of loosely coupled computers that work together closely so that in many respects they can be viewed as though they are a single computer.

Clusters are usually deployed to improve speed and/or reliability over that provided by a single computer, while typically being much more cost-effective than single computers of comparable speed or reliability.

Traffic shaping is an attempt to control computer network traffic in order to optimize or guarantee performance, low latency, and/or bandwidth. Traffic shaping deals with concepts of classification, queue disciplines, enforcing policies, congestion management, quality of service (QoS), and fairness.

Every enterprise is unique, and that is why we work out a security solution for your needs together with you. The solution implements reliable technologies and solutions along with modifications that fit your needs.

During a Network mapping, all it-oriented devices get listed resulting in a network plan.

A network mapping is a good step before conducting other measures, e.g. a Security Auditing or the implementation of a Firewall, Intrusion Detection oder Proxying. This steps makes most sense shortly before or after a hardware conversion.

The base for the workout of a concept is a close look at the actual infrastructure. In a next step, future requirements - and their effects on the security policy - get researched and integrated into a conclusive total concept. The network design decides from the beginning on the efficiency of your network.

Every network and every application need their individual protective measures, because they are subject of permanent and changing threats and risks. Especially during a complete rebuilt of IT infrastructure, special attention should be brought to optimization, so that the budget gets used in its most efficient way.

Security auditings aims in a systematic search for weaknesses in a network and the creation of proposals, how these deficient elements can be eliminated.

• Auditing means a procedure where the actual status of IT security gets determined and gets checked for completeness and optimizations. In doing so, we check all major known hardware- and software-platforms.
• The result is a detailed audit report including countermeasure proposals essential element of the Security Auditings or Penetration Testing.

An Incident describes a happening which negatively influences the integrity of existing IT systems. This includes e.g. virii-attacks, worms, trojans, and not too rare forms of Denial of Service (DoS) or Distributed Denial of Service (DDoS) where a large number of mostly fake IP sourceadresses send a large amount of requests to a service so that it cannot continue in serving "legal" requests any more.

The best security oriented IT system loses quality if the actuality is no longer given. For that reason, NetSEC offers low-cost maintenance contracts for all solutions.

For registered customers, there is also the possibility of creating support-requests directly from their customer-login area.