>

FOSS based Security Setup for SMEs and Enterprises

High-Security Setup for SMEs and Enterprises

Protection against user errors with encryption Trojans!

CTS solutions have been in use at SMEs and Enterprises for 35 years and as a remote support partner we work for companies and installations in many, often unstable, countries. We have been working in many Eastern countries since 1987. As specialists with specialist knowledge in the field of FOSS (Free Open Source Software) use in IT infrastructure, security, encryption, location connections, web services and e-commerce, we have not lost sight of the big picture and are discussion partners at CEO and departmental level, in the same way then in the depths of IT with level 3 and level 4 technicians.

We prefer to work remotely as a level 2-4 support partner of your IT department and support your IT with our specialist knowledge in the area of ​​Open Source (FOSS), firewalls, security, mail walls, proxy servers, VoIP Asterisk solutions, Element Matrix communication systems and much more . We support our installations on the basis of a flat rate so that you can plan the costs precisely. We are also happy to help with the (partial) changeover from cost-intensive proprietary solutions to FOSS (Free Open Source Software) solutions.

Since one or more supervisors are assigned to each customer, you always speak directly to a specialist! There are no hidden costs. Our price lists can be called up on the website and we invoice work according to the time and effort required!

Preface

Our solutions have been protecting customers for 35 years while maintaining reasonable usability for users. But future customers must also be ready for security-oriented installations.

Information about the setups

In general, our solutions are always specifically tailored to the customer and the respective installation is precisely tailored to the needs of the customer. The flexibility of open source solutions has allowed us to perfectly meet customer requirements for decades.

The general basis of our installations are

  • We use license costs free open source software as far as possible for the operating system and application. This dramatically reduces the risk of attacks, the overall costs and the complexity of proprietary license management tools. The availability of the source code also means that you can make your own adjustments if necessary

  • We generally recommend operating everything in-house and not storing any company data on servers in the Internet (aka cloud). Apart from possible backdoors that can give third parties access to your valuable data, only an in-house operation is really flexible and can be specially adapted to the requirements of the company. Virtualizations are preferably carried out with the enterprise-ready open source solution Proxmox, or with VMWare at the customer’s request.

  • We set up e-mail servers and communication systems, such as Element Matrix-based solutions, which we also use to process our support, and Asterisk VoIP telephony with the support of SIP clients on mobile devices via VPN connection. In addition, we set up an open source mail wall in front of the mail server, which blocks dangerous attachments, including these industry standard attachments, and thus massively reduces the risk that a user will click on this attachment and activate the Trojan. Furthermore, all users surf via a proxy server, which also blocks dangerous files when downloading. The data exchange with customers and partners takes place via an in-house server, a kind of self-operated cloud (OwnCloud).

  • Firewalls, VPN servers and similar security-relevant installations are set up exclusively with open source solutions. PFSense, OpenVPN and other FreeBSD and Debian based solutions have been tried and tested for a long time, allow HA installations and are easy to maintain.

Basic setup information

We install your solution in such a way that we completely seal off the LAN (the area where your PCs, terminal servers and data servers are located) as far as possible. In very sensitive security areas, we set up Linux terminal servers in the DMZ, to those with the standard RPD Protocol from the LAN can be connected. These systems are used to surf the Internet and also process e-mails. This means that there is no connection to the LAN if something should happen. These network workstations are virtualized and can, if necessary, be reconstructed in minutes Any file exchange that may be necessary for users and partners takes place via the OwnCloud installation. As 99% of the e-mails are sent unencrypted, i.e. openly like a postcard, the file transfers are also encrypted with https and better protected against third parties. The user desktop will be set up similar to the familiar environment to avoid anticipatory rejection as well as possible.

The distribution in publicly accessible, DMZ, separate Internet work network and LAN, in which the servers are in turn separated from the workstations by a firewall, ensures the greatest possible avoidance of user errors and the infiltration of a Trojan horse is excluded to the greatest possible extent.

Non-binding initial consultation in German or English at:

  • Tel: +43 57 676 613
  • Element MatrixMessenger: @karl: matrix.ctseuro.com