clients / case studies / businesses

MACH S.A

Goal

Find an expert partner to evaluate security and network and provide recommendations for improvements

Solution

Provided analysis and a set of implementable recommendations

Results

Introduction

MACH provides international bill clearing solutions for multiple European mobile phone operators. They were looking for a partner to evaluate their network and system security of their operations center in Dudelange, Luxembourg, and to provide recommendations for improvement.

Given that they handle extremely large amounts of data every day, scale and performance could not be compromised. Their systems also needed to allow access to all of their operator clients in a secure environment due to the sensitive call and financial information handled.

What did we do?

  • Went onsite at MACH’S production facility in Luxembourg to evaluate physical security practices and procedures as well as computer systems security
  • Recommended a formal security policy to clarify the purpose of security mechanisms
  • Carried out a paper evaluation of the network design
  • Conducted non-intrusive internal and external scanning
  • Delivered results and recommendations to MACH management and IT personnel

How did we do it?

  • Leased lines, Virtual Private Network (VPN) connections and Access Control Lists (ACLs) were examined and evaluated
  • MACH’s local network routers (Cisco) and firewall (Cisco PIX) configurations were examined and evaluated including review of IOS levels, access lists and specific configuration rules
  • Network traffic was monitored for several days to analyze and evaluate traffic patterns
  • Remote threats to the servers were assessed through known vulnerabilities such as buffer overflows as well as through security issues introduced through mis-configuration
  • All open ports were scanned to learn the purpose of each, and any potential weakness of each
  • Evaluation tools included Network Mapper (NMap), Security Administrator’s Integrated Network Tool (SAINT) and the Nessus remote security scanner