Security as a service?
Network Security Services
To actively address today's challenges in network information security, we deliver in-depth visibility of network and network security infrastructure.
Our team has achieved multiple years of experience in architecting, engineering, implementing and operating a wide range of preventive network security technologies (various types of firewalls, IPSEC VPN, SSL VPN, IDS, IPS, Web content filtering and Proxies, Access Controls).
Why prevention eventually fails?
Every single network can be compromised, either by an external attacker or an insider. There are just too many systems offering a variety of services running on a large number of erroneous applications overloading few selected resources with the maximum number of possible responsibilities in a closed network.
Network Security Monitoring Services (NSMS) collects data to generate a comprehensive assessment, rapid detection, and immediate response process. You need to prepare for situations where prevention fails, and decrease any potential impact from unauthorized activities and security threats. How is that done?
You need to „Know Your Network!“, in and out.
Our approach is based on essential insights and experience over the past decades – reading the network infrastructure is a highly complex task requiring highly skilled, experienced individuals.
Through this service we provide key elements to address the requirements of PCI DSS, HIPAA/HITECH, GLBA, Sarbanes-Oxley, and other mandates. Compliance-specific reporting makes it easy to evaluate and document our client's compliance stance.
The service is essential to address the top security topics:
- APT (advanced persistent threats)
- Network Application Security
- Network Access Control
- Cloud Security
- IPv6 Security
- Wireless Security
- Network Forensics
NSM - Network Security Monitoring
Managed Network Security Monitoring Services (NSMS)
- Basic approach: collection, consolidation and correlation of available network infrastructure information sources (logs, flows, events)
- Deployment of sensors, probes, collectors and agents in selected network segments
- Analysis and reporting on a central management platform
- Reporting Services (technical and management level)
This service targets „focus threats“:
We perform strategic monitoring of network traffic to assist in detection and validation of intrusions from external, but also internal sources. The service includes gathering, analysis and escalation of security indications and warnings as a result of analysis and interpretation.
- Our technologies perform collection
- Our people perform analysis
- Processes perform escalations
Security Incident Event Management
SIEM is an additional service to our NSMS. Our service focuses on collecting and interpreting security events generated by dedicated network security technologies. We help in understanding the relevance of vendor-specific reporting systems by generating consolidated reports, eliminating false positives and highlighting the relevant events.
Security Incident Event Management (SIEM) includes:
- Log Management
- IT regulatory compliance
- Event Correlation
- Active Response
- Endpoint Security
This is a supplementary service to our „Know Your Network“ approach.
Understanding vulnerabilities of systems is essential, and the appropriate response may turn out to be complex. We provide support for:
- Vulnerability Identification
  Identification of System Weaknesses (Open Ports and Software)
- Network System Status Reporting
  Regular Identification of Systems and Services in the network
- Efficient Release Management
  Reporting System Software Release Status
Advanced Technical Security Support
Based on our experience in architecting, engineering, implementing and operating thousands of network security systems in complex environments, we offer technical consulting services for:
- IDS, IPS, firewall (network and application), VPN, access control, content filtering and proxies design, implementation and operations
- Vendor support (Check Point, Cisco, Juniper, HP TippingPoint, McAfee, Blue Coat, F5)
- Scope Definition
- Requirement Definition
- Network Design / Engineering / Implementation
- Network Analysis / Troubleshooting
The migration to IPv6 is a challenging requirement – even for large IT organisations. Especially for network security infrastructures, the migration to IPv6 has a deep impact on the entire architecture:
- IPv6 is driven by an end-to-end, bi-directional connection approach
- The IPv6 protocol assumes public addresses for all devices
- IPv6 messages within protocol types should be dropped in addition to L3 protocols
- Border routers and perimeter firewalls must be configured more precisely, but policy directions and control definitions are missing
- More security functions will be moved to endpoint intelligence
- Firewalls will have to be radically redesigned
- SSL/TLS is going away under IPv6, functions are embedded into the protocol
Migration to IPv6
We support the migration to IPv6 through:
- Architectural Consulting and Engineering for the entire Network Security Systems redesign
- Security policy definition: review of Policies, Security Controls and Guidelines
- Interface technology deployment for the security program to avoid security holes by concurrent protocol
Managed Security Services
We support managed security services for:
- Managed Firewall (Network and Application)
- Managed VPN (IPSEC and SSL)
- Managed Proxy and Content Filtering
- Managed Load Balancer
- Managed IDS and IPS
Security controls in cloud computing are no different than security controls in any IT environment. However, because of the cloud service models employed, the operational model, and the technologies used to enable cloud services, cloud computing may present different risks to an organization. We support Cloud infrastructure reference architectures.
Governing the Cloud: compliance and audit management, governance and risk management, information management and data security.
Operating the Cloud: data center operations, incident response, identity, entitlement and access management, virtualization, traditional security, business continuity and disaster recovery, application security.