Whitepapers & Cutsheets

Enterprise Data Analysis and Transactional Auditing (eDATA)

The Electronic On-Ramp, Inc. (EOR) team has developed leading edge methodologies that enable commercial enterprise organizations and government agencies to accurately track how many network data packets should be on a network at any given time. We have termed the core technique “eDATA” (Enterprise Data Analysis and Transactional Auditing). This technique has diverse application into banking, finance, or fortifying the security of large business driven network environments. This methodology enables large enterprises to adopt a new stance in their security posture to enable them to step away from traditional network baseline and anomaly based approaches to network security monitoring by taking into account the mathematics involved with actual business transactions. This new approach is much more realistic than the older quasi-utopian ideas associated with network baselines that were always plagued by the ever changing needs of business and the very nature of both the internal and external threats that evolve and surround enterprises today.

Download PDF

EOR Corporate Overview

The Electronic On-Ramp, Inc. (EOR) is a Native American Indian, Disabled Veteran Owned, and (8a) Certified Small Disadvantaged Business. EOR has developed strategic partnerships throughout the federal government, the Department of Defense, and the commercial sector. EOR skillfully provides Architectural, Engineering, Information Assurance services and products to its customer’s base. EOR specializes in developing and maintaining complete lifecycle management solutions, and in helping the “good guys” from around the world.

Download PDF

Digitally Fighting Organized Crime Syndicates

Members of The Electronic On-Ramp, Inc. (EOR) gained worldwide recognition as security specialists protected countless unspecified victims, when a leading hotel chains’ website was broken into by an organized foreign crime syndicate. The EOR Team provided decisive first contact and emergency response efforts when notifying and working with other global Internet Service Providers and Law Enforcement Agencies to end the fraudulent and hostile activity. EOR worked in a dedicated and timely manner to protect the victims and to bring the malicious hackers to justice. As a result of the teams efforts, they were able to expand the reach of their efforts to go beyond assisting initial victims of this fraudulent activity, but were also able to protect citizens around the world from falling victim to other malicious activities that were utilizing the same digital drop boxes designed in full to defraud victims from around the world.

Download PDF

Secure Network Operations Center (SNOC) Overview

The Electronic On-Ramp, Inc. (EOR) team has developed a new methodology to support an architecturally sound operations center that they have termed a SNOC (Security Network Operations Center) that consolidates both NOC (Network Operations Center) and SOC (Security Operations Center) functionality. This approach reduces the investment and overhead necessary to manage these traditionally separate aspects of enterprise security management. This also effectively increases knowledge sharing, while decreasing the mean time to response to security threats. The combined nature of gathering information from security and networking systems allows security analysts and network engineers to detect anomalies, zero day vulnerabilities, network outages, and threats as they happen rather than in a state of delay providing a convenient unification of metrics while at the same time reducing overhead.

Download PDF

Authenticated Execution Technical Overview

A relatively new software technology, developed for use in a commercial-off-the-shelf (COTS) security product, has enormous potential for detecting a trusted insider’s use of unauthorized software. With additional engineering and integration efforts, this COTS program could not only identify that the code was unauthorized, but it could also compare the code with a database of exploit code technologies known to compromise system security or software tools that support espionage operations. This capability would enable investigators to identify the computer user responsible for launching the hostile code, and also permit the investigators to open an investigation to determine the insider’s purpose, if he is working for a foreign intelligence service (FIS), and what kind of information he may be trying to obtain.

Download PDF

Cutsheets

High Security Data Center

EOR provides a large and scalable facility that is designed to optimize and protect IT operations, A redundantly routed fiber optic OC-192 backbone provides reliable, high-speed Internet access and guarantees the bandwidth. Today both businesses and government agencies need a solution to the problem of maintaining a reliable Internet infrastructure. EOR provides this solution with our High-Speed Data Center (HSDC). As a fully-independent ISP, EOR offers the additional advantages of being a high-throughput, multi-homed, and highly-reliable network architecture for your critical data, services, operational, and business needs. As the core of our full-scope Janus security service, EOR’s HSDC offers customers dedicated collocation, hosting, connectivity, and managed security services as well, all woven into a high security architecture

Download PDF

Managed Security Services

Like an army under attack, most organizations today find themselves surrounded by a growing number of threats, vulnerabilities and regulatory challenges. Most IT staffs do not have the time, tools, or knowledge needed to effectively protect their systems and can be overwhelmed when attempting manage the security risks associated with these threats.

Download PDF

Forensics and Incident Response

In a digital, connected world of global networks moving at gigabit speeds, incident response is no longer enough. By the time you discover an incident, chances are the bad guys have already gotten away with what they wanted. Today, you must put a custom combination of tools, services, and vigilant monitoring in place designed to prevent the incident from ever happenning in the first place.

Download PDF

Malware Analysis for Federal Clients

Malware is acronym and means malicious software. The implication is that it includes all software that exhibits malicious behavior. If we take the entire set of software we assume the vast majority of available software is not programmed with any malicious intent.

Download PDF

Patch Management for Federal Clients

The rise of widespread worms and malicious code targeting known vulnerabilities on unpatched systems, and the resultant downtime and expense they bring, is one of the biggest reasons organizations are focusing on patch management.

Download PDF

Secure PIPE Based End Points (ISP/NSP)

The new commercial Internet is characterized by hundreds of ISPs, many on shoestring budgets in low margin competition. Enterprises building Web services to interact with suppliers, vendors and customers face the challenge of many exposure points, security threats and unauthorized information access.

Download PDF

Artificial Intelligence Based Products

It is the science and engineering of making intelligent machines, especially intelligent computer programs. It is related to the similar task of using computers to understand human intelligence, but AI does not have to confine itself to methods that are biologically observable.

Download PDF

Help Desk / Incident Response

Help desks are now a fundamental and core part of good business service and operation. However, addressing the tricky issues, selecting the right tools, and managing the help desk correctly can actually be a very daunting task.

Download PDF

Security Architecture

Security Architecture defines common, industry-wide, open-standards-based technologies and applicable industry best practices as the cornerstone elements required to enable secure and efficient transaction of business, delivery services, and communications among its citizens, federal government, cities, counties, and local governments, as well as the private business sector

Download PDF

Security Engineering

The ever-increasing volume of attacks on networks requires that businesses incorporate security into network and systems design. For this securtiy policy is defined by organizaitions with the application going to be runned witihin the network for security purpose.

Download PDF