Nexpose Busts Security Violations at Redflex Traffic Systems

• 网络安全和隐私 - 端点安全
• 网络安全和隐私 - 网络安全
• 网络安全和隐私 - 安全合规

• 安全与公共安全
• 运输

• 商业运营
• 质量保证

• 入侵检测系统
• 监管合规监控
• 远程资产管理

• 网络安全服务
• 系统集成
• 培训

When Eric Nooden joined Redflex as Information Security Specialist, he found many out-of-date server operating systems. Because system stability was a priority with Redflex proprietary solutions, no one wanted to risk outages. The systems administrators were nervous about patching servers, fearing they might break them. The Redflex team had multilayer security in place, with firewalls, anti-virus software, and other technologies, but no dedicated security personnel to manage them. The undermanaged security posture was more reactive than proactive, and Nooden joined Redflex to change that. Additionally, because Redflex passes financial transactions to processing institutions, its systems must pass SAS 70 audits and comply with data protection standards such as Payment Card Industry Data Security Standard (PCI DSS) to avoid fines.

Redflex Traffic Systems, Inc. is the longest consistently operating company in the growing road-safety camera industry in the United States, with more than 20 years of experience partnering with cities to make an impact on dangerous driving behaviors. Redflex technology has proven its impact on U.S. public safety. Its road safety cameras have helped create safer communities. Rates of running stop signs, red lights, and railroad crossings—and subsequent accidents—drop significantly when people know they might get a ticket. Advanced license-plate reading technology cross checks numbers against police databases and alerts law enforcement when matches occur. Redflex video is also valid evidence for court proceedings. The heart of the Redflex solution is a high-end database that receives and processes all traffic video through secure connections. The system identifies violations and, with client approval, generates tickets and mails them to violators. Because Redflex passes financial transactions to processing institutions, its systems must pass SAS 70 audits and comply with data protection standards such as Payment Card Industry Data Security Standard (PCI DSS) to avoid fines. The data center also includes a range of standard business applications on a mix of Windows and Unix servers.

Among the solutions Nooden inherited were vulnerability-scanning systems from three vendors. One of these systems was a Rapid7 Nexpose Enterprise Edition appliance. Nooden put it to work, performing a system-wide scan across all databases, Web servers, network components, and user computers. Nexpose scans for more than 14,000 vulnerabilities and performs about 54,500 checks to locate and identify threats and assess their risk to the environment. Integration with Metasploit provides remote scan control, exploit identification, and automated exploitation functionality. The scan report uses SANS guidelines to rank potential vulnerabilities according to severity, helping Nooden to prioritize tasks. The report also includes step-by-step procedures for effective remediation. Initial Nexpose scans found default passwords in many devices, especially in the network, identified easily exploitable vulnerabilities in unpatched server operating systems, and gave step-by-step plans to quickly address them. Nooden says the Nexpose user interface is highly intuitive and the reports are comprehensive. “It’s so straightforward, I didn’t need any formal training,” he says. But he hired a Rapid7 Professional Services consultant to teach him how to fine-tune configurations to look for specific information. Nooden uses Nexpose to scan critical systems daily and others weekly or monthly. He relies upon the information in scan reports to issue change requests with the appropriate server, network, and desktop administrators and track when vulnerabilities are fixed. Rapid7 Technical Support resolves his questions quickly, often within a few minutes.

• Of its three vulnerability-scanning solutions, Redflex only renewed its license for Rapid7 Nexpose. Nexpose catches vulnerabilities that other solutions miss and has shown no false-positives.
• Rapid7 Nexpose Enterprise Edition provides detailed information that assisted the Redflex staff with a database upgrade project that increased the security posture of proprietary systems without compromising stability.
• Nexpose helps prove compliance with financial standards and regulations, ensuring that Redflex meets necessary data protection standards.

• Nexpose scans for more than 14,000 vulnerabilities and performs about 54,500 checks to locate and identify threats.
• Initial Nexpose scans found default passwords in many devices, especially in the network, and identified easily exploitable vulnerabilities in unpatched server operating systems.