Network Management and Security
ENTERPRISE SECURITY MANAGEMENT FRAMEWORK — Syntek is
participating in the development of an enterprise security
management framework that enables customers to rapidly identify,
isolate, and respond to complex and diverse security incidents.
An open framework architecture enables security data collection
from a wide variety of IT assets, including perimeter security,
network devices, and applications. This information is forwarded
to one of several distributed analysis engines that identify and
prioritize security incidents based upon business-driven security
rules maintained with the policy manager. This ongoing process
continuously verifies normal operating conditions and immediately
identifies any non-sanctioned activity on monitored assets.
Customer-specific policies prioritize asset levels to ensure response
efforts are targeted and efficient.
GATHER, SORT AND MANAGE DATA — Syntek staff is involved
with all aspects of developing software systems for gathering,
storing, managing, and reacting to network security data. One
example involved Snort: gathering Snort alert events at the device
level, transmitting them to a collection server, and persisting the
alerts. At a management server, we developed retrieval and display of
received event information and an interface for configuring and
deploying rules to IDS devices (managed by groups of devices). The
project has included similar experiences with vulnerability
assessment using Nessus and Nmap.
SECURITY ASSET MONITORING SYSTEM — Syntek is also
participating in the design, implementation, and loading of the
event management component of this security asset monitoring system.
This component is responsible for the receiving, storing, filtering,
correlating, and routing of events. The architecture is based on
a hierarchical, multi-tiered, publish/subscribe model.
Implementation of this component is being done using Java in the
Eclipse development environment on a Windows PC.
MODIFY, CONFIGURE REMOTE DEVICES — Syntek is involved
in the design and implementation of the component to download
software and configurations to remote devices. The ability to
delete, suspend, and resume installed entities responsible for
collecting data and performing first-level rules-based data analysis
and filtering has been added. This involved modifying JSP/JavaScript
pages via Dreamweaver MX and Java code for their handlers to update
the Oracle 9i database in a Struts-like web application framework.
NETWORK ACTIVITY ANALYSIS TOOL — Developed a tool that
interfaces with a live network, analyzes call records and network
configuration files, and abstracts a database of network activity.
The database can be interrogated through a GUI to assess loading
and call patterns over the whole network or at and over specific
nodes and backbones.
NETWORK OPTIMIZATION TOOL — Developed a tool that gives
the network designer a means of entering a network topology and
definitions of stochastic, time-profiled access traffic in order
to predict the utilization of the backbone links. The tool simulates
packet switched routing of the traffic over the topology, and also
evaluates 'what if' scenarios, such as the effect of projected
increases in traffic and the consequences of backbone failures.
PERFORMANCE MANAGEMENT TOOL FOR SATELLITE NETWORKS —
Developed a tool to estimate delays and bottlenecks in a satellite
communications network using a network model based on standard queuing
theory techniques. The model incorporates characteristics of the
satellite communications protocol, earth station processing, and the
terrestrial distribution network.
CHANNEL CONTROLLER DESIGN — Designed a channel controller
call processing system that handled the signaling, authorization and
network management functions necessary to process calls for a satellite
communications system. Specific applications included a point-to-multipoint
network HDLC protocol carried on the NCMI and LESMA TDM satellite
channels, a PPP HDLC link carried on PSTN/ISDN lines, and a one-directional
SU-based link carried on the LESMI TDM satellite channel.
NMS SUPPORT FOR WAN PRODUCT LINE — Provided NMS software support
for a complete line of wide area network data switching products, including
all fault, performance, configuration, accounting, and security management
software. The network management software is written in C++, and runs under
a Data General Unix environment.
NMS TESTING FOR NETWORK MANAGEMENT CENTER — System testing and
implementation of hardware and software to support a large telecommunications
enterprise network management center. This system provided the customer
with real-time visibility to alarm conditions and performance measurements
as well as remote access to diverse network elements. The system (Nortel
NetWORKS2 & NetWORKS3) comprises vendor application software and
third-party software packages, and runs on a series of HP9000 servers under
the HP-UX (Unix) operating system.
ELEMENT MANAGEMENT SYSTEM FOR A PASSIVE OPTICAL NETWORK —
Performed requirements analysis, system/integration testing, and project
management in support of an element management system for passive optical
networking equipment. The system will allow Local Exchange Carriers to provide
Fiber to the Home (FTTH) capabilities.