Mahindra Consulting Ltd is an independent subsidiary of Mahindra and
Mahindra ltd. Its is one of the 3 companies that operate in the Information
technology field under the flagship of Mahindra and Mahindra. The other two
being Mahindra British Telecom (MBT), and Mahindra
Logisoft. Mahindra Consulting Ltd is an enterprise solutions provider and its
ambit of services extends from ERP, CRM and SCM to Information Security.
Mahindra Consulting is a global provider of customized, scalable
enterprise and e-business solutions to leading industry verticals, including
process and discrete manufacturing, retail, distribution and e-marketplaces.
Their value chain management solutions provide seamless integration of the
processes within the various components of an end-to-end value chain.
Headquartered in Austin, Texas, Mahindra Consulting has a global foot
print with locations in the United States, United Kingdom and India with
upcoming European and Asian expansion
The Special Services Group of Mahindra Consulting Ltd. under the able
leadership of Mr. Gajendra Singh, is the department dealing independently with
Information security.
Security vulnerabilities, incidents and malicious code have grown at a
pace equivalent or in excess of the general growth in technology. From the first
Internet Worm (called Morris) in 1988, we now have at least 75,000 worms,
viruses and other types of malicious code. According to Computer Economics
damage associated with malicious code reached $17.1 Billion USD in 2000. The
largely unchanged foundation for these vulnerabilities indicates a continuing
upward trend in damage for the foreseeable future.
A
recent KPMG survey found that 17
percent of the Indian companies surveyed had experienced some kind of security
breach, including system crash, website defacement and virus attacks. Publicly
released computer security vulnerabilities more than doubled in the last year,
with 1,090 separate holes reported in 2000, and 2,437 reported in 2001. Following
the same trends, the number of reported incidents also drastically increased
with 21,756 documented in 2000 and 52,658 in 2002.
As the B2B E-Commerce market explodes, so will the security community, in
fact it is already occurring. After all, businesses and consumers will only take
advantage of Web-enabled transactions if trust, integrity, availability and
non-repudiation can be assured.
"Awareness of network security is spreading like wild fire. It is being addressed as the top priority in enterprises." Enterprises are waking up to the reality of loopholes in their security policies, the Gartner Group predicts worldwide information security market to reach $13.1 billion by the end 2001.
Executive Summary
An executive summary to field of network security would be a rather
difficult thing to present. However here we have tried to summarize and present
in brief an overview of the Project as a whole.
This Project was taken up at Mahindra Consulting Ltd, Mumbai Office under
the team of Mr. Gajendra Singh, Head, Special Services Group. The Objectives
laid before us are listed as follows:
Objectives
]
To have an overview of Network security as a whole and the
aspects it encompasses.
]
To Study Firewalls and understand their working.
]
To Study and implement Security using firewalls in Windows NT
environment.
]
To collect data about the Firewalls available in the market.
]
Present an analysis of Selection Of firewalls.
]
To analyze the various options of implementing firewalls
available to companies.
Methodology
The project was carried out in a very systematic and clear manner with
the complete work having been divided into stages and targets assigned to each
stage. First of all we studied the concepts of network security and the issues
involved. After this we went on to get an in depth knowledge of Firewalls their
history, how they developed, their types, architectures and working. After
having gained enough knowledge to be able to discern into the intricacies of
features that a firewall possesses we went on to collect data about the
commercially available firewalls and then prepared a detailed list of the
features of some of the popular firewalls, using this list we went on to compare
the Most used firewalls and present a case wise analysis of the kind of
firewalls that certain types of organizations must deploy. Then made an analysis
into the managed and in house firewall possibilities for companies.
Into the Implementation part the process started with the setting up of a
network and then continued to linking up this network with the external world
and installing firewalls to safeguard it. We also tried to attack this network
with some common hacking tools available.
Conclusion
In conclusion to this project we would like to emphasize that there is no
security system that is totally fool proof and network security is an ongoing
process which requires constant attention and care without which, in this
constantly improvising world the presently employed security measures may become
obsolete.