about
 
 
   
 
 

SECURITY

Case 1 - A Major Telecom Service Provider in India.

Case 2 - A Prestigious Educational Institute in USA

 

Case 1:
Customer: A Major Telecom Service Provider in India.
Technology: Network Security Audit


The Customer

The customer is a major telecom service provider in India. It has around 450 nodes running through the length and breadth of the country. The customer has deployed a National Internet backbone (NIB) for providing Internet Access Points (IAPs) to private ISPs and Points of Presence (POP's).

Services offered are PPP dial-up access (PSTN and ISDN), e-mail and dedicated leased lines. The customer follows a three-tier architecture. Nodes are categorized as "A", "B" and "C" depending on the capacity and configuration of equipment.


The Challenge

The NIB grew out of a need to connect remote Indian cities to the net. Primary focus was on operations and network maintenance, as a result, network security was accorded a low priority.

In the course of operations, the customer realized to keep their network running, they had to prevent it from internal and external attacks through a network security audit.

The service provider's primary aim was to get NIB audited for network and system security and to have a network security plan developed. The scope of work:

  • To determine if the network infrastructure components and servers were secured from the configuration and operational perspective.
     
  • To evaluate the effectiveness of management practices and operation tools.
     
  • To recommend improvements for managing security, operation practices and tools


The Solution

Tata Infotech's audit covered an independent and detailed security review of internal procedures, the network topology, access controls, applications, databases, operating systems, network security inspections and other software and utilities. The audit was conducted through interviews with the customer's staff and a detailed verification of key security parameters using Tata Infotech's proprietary network security methodologies . Through the audit, Tata Infotech identified current security measures taken by the customer and gaps in security, which exposed the customer to security risks.


Tata Infotech recommended modifications such as enhanced router security, consolidation of access restrictions, system-wide security policy modifications, and system software and firmware upgrades, which would improve data control in the organisation.

Tata Infotech also provided the customer with a network security design and plan.


The Benefits

A security assessment, which identified security threats to the network and solutions on how, these could be resolved.

Top

 


Case 2:
Customer: A Prestigious Educational Institute in the United States
Technology: Security

The Customer

The Customer is an educational institute which belongs to one of the oldest and biggest academic institutions in the US.
 

The Challenge

The institute had to migrate its legacy systems to a web-based platform. As the migrated systems would be exposed to the Internet, it had to make sure the migrated systems would have security measures in place.

Tata Infotech had to study:

  • The network design and equipment such as switches, routers and firewalls.
     
  • The application and database servers.
     
  • The architecture and design of the migrated
    information systems.

 
The Solution

Tata Infotech executed the project using its onsite - offshore model. It recommended solutions after bringing to the customer's notice security gaps in documentation, the network, server operating systems, databases and applications. A secure network architecture was called for. Guidelines were provided to secure the systems planned to be implemented as part of the migrated systems. A secure web-application architecture was recommended.


The Benefits

A road map that will ensure a secure environment for the migrated systems.

Top