|
SECURITY
Case 1 - A Major Telecom
Service Provider in India.
Case 2 - A Prestigious Educational
Institute in USA
Case 1:
Customer: A Major Telecom Service Provider in India.
Technology: Network Security Audit
The Customer
The customer is a major telecom service provider
in India. It has around 450 nodes running through the length and
breadth of the country. The customer has deployed a National Internet
backbone (NIB) for providing Internet Access Points (IAPs) to private
ISPs and Points of Presence (POP's).
Services offered are PPP dial-up access (PSTN and
ISDN), e-mail and dedicated leased lines. The customer follows a
three-tier architecture. Nodes are categorized as "A",
"B" and "C" depending on the capacity and configuration
of equipment.
The Challenge
The NIB grew out of a need to connect remote Indian
cities to the net. Primary focus was on operations and network maintenance,
as a result, network security was accorded a low priority.
In the course of operations, the customer realized
to keep their network running, they had to prevent it from internal
and external attacks through a network security audit.
The service provider's primary aim was to get
NIB audited for network and system security and to have a network
security plan developed. The scope of work:
-
To determine if the
network infrastructure components and servers were secured from
the configuration and operational perspective.
-
To evaluate the effectiveness
of management practices and operation tools.
-
To recommend improvements
for managing security, operation practices and tools
The
Solution
Tata Infotech's audit covered an independent and
detailed security review of internal procedures, the network topology,
access controls, applications, databases, operating systems, network
security inspections and other software and utilities. The audit
was conducted through interviews with the customer's staff and a
detailed verification of key security parameters using Tata Infotech's
proprietary network security methodologies . Through the audit,
Tata Infotech identified current security measures taken by the
customer and gaps in security, which exposed the customer to security
risks.
Tata Infotech recommended modifications such as enhanced router
security, consolidation of access restrictions, system-wide security
policy modifications, and system software and firmware upgrades,
which would improve data control in the organisation.
Tata Infotech also provided the customer with
a network security design and plan.
The Benefits
A security assessment, which identified security
threats to the network and solutions on how, these could be resolved.
Top
Case 2:
Customer: A Prestigious Educational Institute in the United
States
Technology: Security
The Customer
The Customer is an educational institute which
belongs to one of the oldest and biggest academic institutions in
the US.
The Challenge
The institute had to migrate its legacy systems
to a web-based platform. As the migrated systems would be exposed
to the Internet, it had to make sure the migrated systems would
have security measures in place.
Tata Infotech had to study:
- The network design and equipment such
as switches, routers and firewalls.
- The application and database servers.
- The architecture and design of the migrated
information systems.
The Solution
Tata Infotech executed the project using its onsite
- offshore model. It recommended solutions after bringing to the
customer's notice security gaps in documentation, the network, server
operating systems, databases and applications. A secure network
architecture was called for. Guidelines were provided to secure
the systems planned to be implemented as part of the migrated systems.
A secure web-application architecture was recommended.
The Benefits
A road map that will ensure a secure environment
for the migrated systems.
Top
|
