Design and Implementation
Using defence-in-depth principles and a default deny stance, we design and implement everything from secure hostbased solutions to advanced network infrastructure and perimeter defenses.
We offer help with designing new firewall platforms and/or reviews of existing implementations and rulebases. We have experience in most platfroms such as Palo Alto, Fortigate, Checkpoint Firewall-1, Cisco PIX/ASA/FWSM, Juniper, Netfilter, pf, and ipf. Our experience of deployment and design ranges from single enforcement points to multiple redundant high availability clustered solutions.
We offer help with design of new infrastructural platforms and/or reviews of existing implementations and designs. In our experience the core network is the very foundation and one of the corner stones in implementing good security and parts of our defense in depth stance. Redundancy of the network infrastructure is also a common factor that we deal with.
Logging for traceability
Few things in computer security is more neglected than system and security logging. Utilizing multiple log recipients in a redundant solution, can ensure an organisation with proper separation of duties in terms of log access and management as well as facilitating proper traceability for past events.
XPD is also a contributor in the open source area with one of the first generalized visualization tools for system and security logs. (project aspect, released as GPL on SF: http://aspect.sf.net in 2003)
Securing Oracle installations
Often Oracle is carrying sensitive and vital information about an organisation, however more than 98% of all Oracle servers are installed in an insecure fashion, leading to possible information disclosure, theft or alteration. We have designed and developed together with Oracle Sweden, a secure platform for the deployment of Oracle in a Linux or a UNIX (HP-UX, Solaris) environment.
Post Mortem analysis
If you have had a system compromised by an unauthorized 3rd party, you would most likely want to figure out how they penetrated your security, so you can redesign and implement a safer solution to prevent similar incidents in the future. As one of the companies in the nordic region doing post mortem analysis, XPD can investigate your compromised equipment to try to isolate the root causes of the security incident.