Security Services and Penetration Testing

Security Services

aql provides a range of services, including information security and assurance consultancy, and penetration testing. We have over ten years experience in developing, operating and maintaining secure telecommunications and data networks. Our comprehensive list of services reflects our experience and commitment to security, and includes:

• Information security and assurance consultancy;
• Information security policy development;
• Information security management;
• Security architecture and network design;
• Technical security services and consultancy;
• Penetration testing.

aql is able to provide technical advice and support on all aspects of system and network security, including:

• Secure operating system and server installation, configuration and management. We specialise in hardened Linux, FreeBSD and OpenBSD platforms.
• Secure network service configuration and management, including: FTP, SFTP, SSH (SCP), SMTP, HTTP, HTTPS, SAMBA, DNS, DHCP, TFTP, SNMP, NFS and VoIP.
• Firewall configuration and management, including commercial security appliances and open-source technology: Cisco, CyberGuard, CheckPoint, Linux (iptables) and FreeBSD (ipfilter).
• Secure switch and router configuration and management.
• Virtual Private Networks (VPNs), to securely extend corporate LANs, including encrypted layer-2 bridges, and to provide secure remote working.
• Secure wireless networking (802.11a/b/g).
• Secure Asterisk and VoIP system installation, configuration and management.

Penetration Testing

aql is able to help its clients understand their risks and security posture by subjecting their network defences to rigorous security testing. We are able to assess the vulnerabilities present in all internal and external systems, including workstations, servers, websites, web applications and VoIP systems. aql is also able to assess the security of wireless networks and external data communications links.

We provide a range of testing levels, from non-intrusive vulnerability assessments to fully exploitative penetration testing.

Where appropriate, aql exploits security vulnerabilities and uses the access gained as a platform to target other systems defined to be within the scope of testing. This accurately reflects the activities of a malicious attacker and allows us to provide the most relevant and proportionate security recommendations.

aql provides pragmatic advice and support, offering the detailed advice required to rectify any identified vulnerabilities.