Architecture is a "top down" methodology consisting of solution design, methodology and high level technical documentation. It is forward thinking and documentation built from product specifications, vendor guidance, solution knowledge, lab testing outcomes, and high level plus detailed technical implementation plans that lead to a repeatable process.

Audit: by contrast is a "bottom up" approach of reverse engineering what's already implemented with the intent of providing a repeatable process in the event of Disaster Recovery, or just as a means of intelligent searching for both good and bad practises, opportunities and threats. Its goal is to identify future intelligent action. Options include auditing for a specific goal such as Disaster Recovery, System Health & Performance, Implementation & Best Practise or for Security weaknesses.

Documentation: is the production, collection and organisation of technical documents and installation materials that in the case of system documentation allows for re-producing the last known state of a system or aspect thereof after a system failure or security breach. A written offline state audit is an excellent security tool for identifying un-authorised changes over time. The listing of processes allows for faster recovery saving re-learning time and and will alert you to in advance to weaknesses.

During 2013, reports disclosed large scale hacking, surveillance and unlawful interception not just by hackers but also by governments and state sponsored entities. An old statistic said that if an unpatched server was connected to the internet, it would be security compromised in under 7 minutes. This shows that defensive steps must be taken before connecting to at risk environments like the internet, but also that defensive measures must be continually maintained in order to stay secure and reduce risk. CitiNet implements defensive security products by building the security infrastructure that protects organisations from a variety of evolving threats. Typical defensive security products include:

• Firewalls: Protect the boundary of an organisation
• Encryption: Provides secure remote access, and protects resting data on a laptop
• Anti Virus: Provides first level defence on operating systems
• IPS: Provides multi-level network or host defence
• DMZ Solutions: Provides safe processes for isolating incoming data

CitiNet provides security advice, security auditing & penetration testing services as a means of confirming security exists and our services are secure, security strategy, use of technology, and applied security in the implementation of security products & technologies to defend and protect against risk and provide privacy.

At a glance:

• Check Point Firewalls
• External Audits / Penetration Testing
• Firewalls: Cisco Pix/ASA, Nokia IPSO, Watchguard, Checkpoint, IPTables (linux/unix)
• Intrusion Detection & Prevention (IDS/IPS)
• Documentation, Rule Base Analysis & Optimization
• Encryption: Disk, IPSEC, SSL
• Best Practice Audits

Network Consulting & Engineering is a multi discipline field involving the design, build & integration of not just the network infrastructure, but everything that connects to it. Therefore it touches on:

• Switches & Routers: Core Network Infrastructure
• Internet: Connectivity to or from the internet, Internet services such as DNS and e-mail
• Servers & Desktops: Windows, MAC, Linux, Unix
• Core Software: email, sql

We offer a mix of offensive and defensive security services, with the sole objective of providing defensive security

Security Auditing (offensive)
Test your existing security for weakness against known attacks.

• External Firewall Assessment (internet)
• Vulnerability Scan
• Internal Network Audit
• Firewall rule audit

Security Hardening (defensive)

Security Hardening is reviewing and recommending (or making) changes which will proactively improve security. These are often design or disciplinary related.

• Routers
• Firewalls
• Servers (Microsoft, Novell, Linux)
• Networks (Layer 2)
• VPN Crypto
• SSL Crypto
• Web Applications (webserver, mail server)