Projects - overview
DotSec has completed a great many projects for a wide range of customers. Our volume of repeat business indicates the level of success we have achieved in reaching that our goal - provision of holisitic IT security products and services.
The following points outline some of our previous work. More details may be given upon application.
- DotSec continues work on a range of projects associated with web services and WSS. For example, DotSec has recently completed a vulnerability assessment of a major web services deployment, and has also recently presented an audit of a range of WSS implementations.
- DotSec has completed the design and deployment of a secure LAN which included virtualised servers and desktops, two-factor authentication for secure remote-access, VLAN separation of desktop, server, guest and perimiter networks, and comprehensive intrusion-detection and alerting systems. To ensure the robustness of the system, DotSec has designed a three-tiered backup and DR process, allowing the business to be operational within 24hrs of a total disaster. Our customer is serious about the security of their funds-management business, and our holistic solution allows them to meet their regulatory requirements with ease.
-
DotSec conducted a comprehensive Threat and Risk Assessment for a
National online job agency. The assessment focussed on the
company's head office, but also included branch offices and
remote (dial-in) access, together with the company's high-volume
web site.
The assessment included a review of both internal systems and publicly accessible web-based services, and the design of the networks and applications that supported these services. The environment included a number of Windows domains, head office, branch office and web-hosting networks, and a number of COTS and in-house developed applications. -
DotSec completed the design and implementation of Single Sign-On
(SSO) services supporting Windows domain-based authentication at
the desktop, and extending SSO to support web-based Intranet
applications.
The deployment environment was based on Windows clients and servers, with IIS and Apache web servers, and Tomcat servlet engine. The initial rollout used servlet-based applications, but included options for full J2EE extensions. -
DotSec completed a Threat and Risk Assessment (TRA) for an online
casino. The scope included network security configuration and
policy, together with review of online gaming applications design
and appropriate, policy-based deployment of J2EE security
services.
Ongoing support in the areas of secure application design and integration, threat and risk assessment, intrusion detection and vulnerability analysis. Environment includes a J2EE 3-tiered application, running over Web Logic Server with Oracle 9i DBMS. Linux, Solaris and Cisco platforms.