An ISO 27001-based, systematic baseline identification of all network devices and resources, and the establishment of valuations for all groups of data residing on the network. Assessment converts general descriptions of the network into measurable data sets that can that be used to design an effective security management policy and infrastructure.


  • Development of information security policy
  • Risk management services
  • Disaster recovery plan
  • Gap analysis of base lining
  • High-level plan
  • Cost/Benefit – ROI



Conversion of assessment data into lists of network security applications, deployment locations, implementation strategies and specific configuration guidelines for each network device or security application. At the completion of this stage, the security policy exists as a completed document, accompanied by a deployment plan for all necessary technologies.


  • Information Security framework
  • Information Security architechture
  • Objective analysis
  • Proof-of-concept Testing
  • Definition of functional requirements



The physical process of implementing the plans created in the design phase. Includes the installation, testing, training and conversion to a production environment.


  • Project management
  • Infrastructure staging and configuration
  • Infrastructure installation
  • Multi-vendor co-ordination
  • Equipment testing and certification
  • Documentation (network diagrams, processes and procedures)

Manage and Support


Measuring performance data horn the network security infrastructure against the goals stated in the security policy. Non-compliant systems and events trigger specific actions, as stated in the policy, including a re-evaluation of the policy and restart of the policy generation process. This stage can manifest itself as either in-house operation or. more commonly, as outsourced managed security services, and should include a detailed incident response plan.


  • Information security management (ISO 27001 and CobiT)
  • Implementation of information security policy, standards. processes, procedures and guidelines
  • Security Systems monitoring and maintenance
  • Troubleshooting and problem resolution
  • Equipment reconfiguration
  • Change control



An ongoing effort to raise awareness of the need for network security of the executive management, administrator and end user levels. This process cuts across all other steps, and includes both administrator training for emerging threats to systems and awareness among end users of the benefits of working within the security architecture.


  • Training course designed to meet your specific training needs
  • Appropriate class handouts
  • Specialised instruction
  • Recommendations for continuing study



Open Source Solutions