Information Security Services | Information Security Solutions

 home company contact us

1 (866) 365-8401

  • Professional Services

    • Professional Services Overview
      Vigilar Professional Services provides security consulting expertise to help organizations of any size assess their current security state, meet information security challenges, design solutions to reach their optimal security posture and achieve regulatory compliance.
      Payment Card Data Security
      Vigilar’s PCI Compliance Services deliver a full range of PCI-specific assessment, remediation and education services to help organizations of all sizes establish and improve PCI compliance. Vigilar is recognized by the PCI Security Standards Council (PCI SSC) as both a Qualified Security Assessor (QSA) and as an Approved Scanning Vendor (ASV).

  • Security Solutions

    • TITAN™ - Vigilar’s Information Security Framework
      One of Vigilar's core tenets is that it is not sufficient to use information security software to secure the network alone. The data must also be secured from both external and internal threats. To this point, Vigilar has developed an innovative approach to the design and planning of security system software called the TITAN architecture that revolves around five key areas.
      Threat Analysis & Policy Management
      Partners: AlgoSec, Alterpoint, Altiris, BigFix, Cambia, eEye, eIQ Networks, Elemental Security, Firemon, Loglogic, McAfee, Qualys, Skybox
      Identity and Access Security
      Partners: Aventail, ConSentry Networks, Courion, CRYPTOCard, Cyber-Ark, Digital Persona, Imprivata, InfoBlox, RSA, SafeNet & Secure Computing
      Traffic Management
      Partners: F5
      Application and Content Security
      Partners: BorderWare, Certified Mail, CORE Technologies, Determina, Facetime, Fortify Software, Forum Systems, Imperva, Ingrian Networks, McAfee, NetContinuum, PGP Corporation, ProofPoint, Purewire, SafeNet, Securewave, SPI Dynamics, SurfControl, Symantec, Tizor Systems, TrendMicro, Tumbleweed, VMWare, Voltage, Vontu & Websense
      Network Security
      Partners: TippingPoint, AirDefense, AirMagnet, AirTight, Aruba, BlueCoat, Checkpoint, Cisco/Okena, CrossBeam, Juniper, Lancope, McAfee, Net Optics, Nokia, Nortel, Resilience, Sipera, SourceFire & Tufin

  • ATLAS™ Security-As-A-Service

    • Asset Identification, Prioritization and Management:
      Identifies infrastructure assets, security issues and network changes.
      Prioritizes assets and provides an asset-based risk score.
      Includes: Change Monitoring and Management, Asset and License Management, Network State Traffic Monitoring and Risk Analysis.
      Technical Support:
      Provides expert front line support for specified security vendors.
      Helps reduce technical support costs and ticket resolution times.
      Log Management:
      Provides a secured, tamper-proof, automated audit trail for system and application components.
      Authentication Management:
      Manages the entire Two-Factor Authentication token lifecycle including implementation, user provisioning, account approval and token inventory management.
      Systems Maintenance, Monitoring and Management:
      Provides ongoing maintenance, monitoring and management of leading third-party security devices (Firewalls, IDS, IPS).
      Gives your team access to Vigilar’s security expertise.
      Frees up your staff from the burdens of day-to-day management tasks.

  • IT & Security Training

    • Corporate On-Site Training
      Whether you work in a small, medium or large organization, Vigilar's Intense School is your single source for corporate on-site training covering advanced networking and security. Our customized enterprise solutions offer on-site technical training that allows corporate training managers the ability to easily administer their learning programs and track the progress of all participating employees.
      Individual Boot Camp Training
      Vigilar's Intense School holds Network Security, Microsoft, CompTIA and Cisco Boot Camps that offer certification in less time and at less cost than traditional training methods. Intense School's boot camps are all-inclusive – we provide hotel accommodations and lunch, comprehensive training and testing all in one location.
      Government Training
      Vigilar's Intense School's dedicated Federal team has trained thousands of Government information and IT security personnel, empowering these professionals to maintain peek performance of both their skills and the technologies they oversee.
      Online Training: Learn at Your Own Pace
      Vigilar's Intense School revolutionizes the newest wave of training through our Online courses, a unique and accommodating way to attain certification! Vigilar's Intense School fits the schedules and needs of our students by offering classes in the daytime, evening, and weekend hours.

    1. About Vigilar

    2. Our Team

    3. Resources

    4. » Press Releases
    5. » Recent News & Articles
    6. » Case Studies
    7. » White Papers
    8. » Webcasts

    9. Upcoming Events

    10. Current Promotions

    11. Careers

  • Vigilar’s Press Releases - September 10, 2007

    VIGILAR RELEASES OPEN SOURCE VoIP HOPPER TOOL
    VoIP Hopper Testing Tool, Combined With Vigilar’s Recommended Best Practices, Helps Secure Growing Number of Integrated Enterprise VoIP Networks

    ATLANTA, September 10, 2007 – Vigilar, a leading provider of information security solutions and services, today announced the availability of the “VoIP Hopper”, an automated tool that rapidly runs a VoIP network configuration validation test to help enterprises determine the vulnerability of their VoIP networks. The VoIP Hopper has been released as an open source tool, and can be downloaded from www.vigilar.com/services/voip_hopper.html. The convergence of voice and data into a single network promises to reduce costs, improve quality and simplify management. But as voice exists on the network as yet another application, it poses new challenges to the enterprise and new potential security risks arise. In particular, in a converged VoIP deployment, where a single Ethernet cable provides both the phone service and the computer connection, significant risks arise. Concerns arise around the ability to gain privileged access through publicly accessible phones, such as those found in lobbies, hotel rooms, and conference rooms.

    Securing Voice VLANs
    The new VoIP Hopper tool allows enterprise IT administrators to test their networks for a specific vulnerability that can occur when the Voice VLAN feature is enabled. With this feature enabled, a PC can be daisy chained to an IP Phone and the connection for both PC and Phone to be trunked through the same physical Ethernet cable. As a result, users can easily gain access to the data network using a VLAN hop from the data network to the voice (known as a VoIP hop). Once on the network, a malicious user could run several different types of attacks against the IP Phone network, including eavesdropping on unencrypted phone calls, or causing interruption of service against the IP Phone network. Worse still, the user could also access the data network, gaining access to mission critical, proprietary data and applications, such as customer data and email or financial applications.

    The VoIP Hopper
    To discover whether a network may be vulnerable to potential VoIP attacks, Vigilar has developed an assessment method called VoIP Hopping, and an automated assessment tool called the VoIP Hopper. Released as open source, the new VoIP Hopper tool helps IT administrators test their networks to determine if VoIP Hopping possible on their network. The VoIP Hopper enables administrators to quickly and easily test the protection controls of a Layer 2 network to see if a regular PC can mimic the behavior of an IP phone and thereby gain access to the IP Phone network.

    “The benefits of VoIP are clear, but there are great risks to implementing a VoIP Network without proper Layer 2 network controls in place,” said Jason Ostrom, researcher for Vigilar and developer of the VoIP Hopper tool. “As attack vectors against the VoIP networks become more common, enterprises must begin protecting themselves against these potential risks. We are pleased to release the VoIP Hopper tool to the community, and hope that it will help security teams and VoIP administrators in their evaluations of the security of their VoIP networks.”

    Vigilar also recommends that enterprises enable the following controls to mitigate VoIP Hopping attacks:
    1. Enable Port Security or MAC Address Filtering
    2. Enable 802.1x
    3. Proper firewall placement or network segmentation

    For more information on the VoIP Hopper vulnerability assessment tool, or for a VoIP security consultation, contact Vigilar at www.vigilar.com.

    About Vigilar
    Since its inception in 2000, Vigilar, a leading provider of information security solutions and services, has focused solely on improving its customers’ security postures. Vigilar’s security expertise is all-encompassing and includes security architecture design, product selection and delivery, implementation services, regulatory compliance services, risk assessments, IT security audits, and IT and security training. In addition, Vigilar offers the ATLAS security-as-a-service, which provides enterprises with managed asset and license tracking, technical support, log management, authentication management and systems maintenance. Vigilar partners with the industry’s most innovative information security technology providers to offer fully integrated solutions that meet risk management, network infrastructure, and compliance needs. Vigilar has offices throughout the Southeast and Southwest United States. For more information, visit www.vigilar.com.

  • Media Contact

    Ryan English
    Vigilar
    (770) 481-2115
    renglish (at) vigilar.com

 

Resources:

White Papers

Case Studies

Webcasts

 Home | Contact Us | Privacy | Legal | About Us | IT & Security Training | ATLAS SaaS | Professional Services | Solutions
© 2008 Vigilar, Inc. All Rights Reserved.
Stay current with Information Security News and Updates