Netzwerk-Sicherheit als Service?

Mehr erfahren

Netzwerk-Sicherheit als Service?

Netzwerk-Sicherheits-Service

Um die täglichen Herausforderungen im Bereich der Netzwerk-Informationssicherheit aktiv anzugehen, bieten wir einen umfassenden Einblick in die Netzwerk- und Netzwerksicherheitsinfrastruktur.

Unser Team verfügt über mehrjährige Erfahrung in Architektur, Engineering, Implementierung und Betrieb einer breiten Palette von präventiven Netzwerksicherheitstechnologien (verschiedene Arten von Firewalls, IPSEC VPN, SSL VPN, IDS, IPS, Web Content Filtering und Proxies, Access Controls).

Warum scheitert die Prävention schließlich?

Jedes einzelne Netzwerk kann kompromittiert werden, entweder durch einen externen Angreifer oder einen Insider. Es gibt einfach zu viele Systeme, die eine Vielzahl von Diensten anbieten, die auf einer großen Anzahl von fehlerhaften Anwendungen laufen und wenige ausgewählte Ressourcen mit der maximalen Anzahl von möglichen Verantwortlichkeiten in einem geschlossenen Netzwerk überlasten.

Network Security Monitoring Services (NSMS) sammelt Daten, um eine umfassende Bewertung, schnelle Erkennung und sofortige Reaktion zu generieren. Sie müssen sich auf Situationen vorbereiten, in denen die Prävention fehlschlägt, und mögliche Auswirkungen nicht autorisierter Aktivitäten und Sicherheitslücken verringern. Wie wird das gemacht?

 

To get more into detail, please open the bullet points below:

You need to „Know Your network!“ >in and out>.</p> <p>

Our approached is based on essential insights and experience over the past decades – reading the network infrastructure is a highly complex task requiring highly skilled, experienced individuals.
Through this service we provide key elements to address the requirements of PCI DSS, HIPAA/ HITECH, GLBA, Sarbanes-Oxley, and other mandates. Compliance-specific reporting makes it easy to evaluate and document our client´s compliance stance.

The service is essential to address the top security topics:

 

  • APT (advanced persistent threads)
  • Network Application Security
  • Network Access Control
  • Cloud Security
  • IPv6 Security
  • Wireless Security
  • Network Forensics

NSM - Network Security Monitoring

Managed Network Security Monitoring Services (NSMS)

  • Basic approach: collection, consolidation and correlation of available network infrastructure information sources (logs, flows, events)
  • Deployment of sensors, probes, collectors and agents in selected network segments
  • Analysis and reporting on a central management platform
  • Reporting Services (technical and management level)

This service targets „focus threads“:
We perform strategic monitoring of network traffic to assist in detection and validation of intrusions from external, but also internal sources. The service includes gathering, analysis and escalation of security indications and warnings as a result of analysis and interpretation.

  • Our technologies perform collection
  • Our people perform analysis
  • Processes perform escalations

 

Security Incident Event Management

SIEM is an additional service to our NSMS. Our service is focusing on collecting and interpretating security events generated by dedicated network security technologies. We help understanding the relevance of vendor specific reporting systems by generating consolidated reports eliminating false-positives and highlighting the relevant events.
Security Incident Event Management (SIEM) includes:

  • Log Management
  • IT regulatory compliance
  • Event Correlation
  • Active Response
  • Endpoint Security

Vulnerability Scanning

This is a supplementary service to our „Know Your Network“ approach.
Understanding vulnerabilities of systems is essential, and the appropriate response may turn out to be complex. We provide support for:

  • Vulnerability Identification
    Identification of System Weaknesses (Open Ports and Software)
  • Network System Status Reporting
    Regular Identification of Systems and Services in the network
  • Efficient Release Management
    Reporting System Software Release Status

Advanced Technical Security Support

Based on our experience in architecting, engineering implementing and operating thousands of network security systems in complex environments we offer technical consulting services for

  • IDS, IPS, firewall (network and application), VPN, access control, content filtering and proxies design, implementation and operations
  • Vendor support (Checkpoint, Cisco, Juniper, HP Tipping Point, McAfee, Bluecoat, F5)
  • Scope Definition
  • Requirement Definition
  • Network Design / Engineering /Implementation
  • Network Analysis/Troubleshooting

IPv6 Security

The migration to IPv6 is a challenging requirement – even for large IT organisations. Especially for network security infrastructures the migration to IPv6 has a deep impact on the entire architecture:

  • IPv6 is driven by an end-to-end, bi-directional connection approach
  • The IPv6 protocol assumes public addresses to all devices
  • IPv6 Messages within protocols types should be dropped in addition to L3-protocols
  • Border Routers and Perimeter Firewalls must be configured more precisely but policy directions and control definitions are missing
  • More security functions will be moved to endpoint intelligence
  • Firewalls will have to be radical redesigned
  • SSL/TSL is going away under IPv6, functions are embedded into the protocol

Migration to IPv6

We support the migration to IPv6 thru:

  • Architectural Consulting and Engineering for the entire Network Security Systems redesign
  • Security policy definition -review of Policies, Security Controls and Guidelines
  • Interface technology deployment for the security program to avoid security holes by concurrent protocol

Managed Security Services

We support managed security services for:

  • Managed Firewall (Network and Application)
  • Managed VPN (IPSEC and SSL)
  • Managed Proxy and Content Filtering
  • Managed Load Balancer
  • Managed IDS and IPS

Cloud Security

Security controls in cloud computing are no different than security controls in any IT environment. However, because of the cloud service models employed, the operational model, and the technologies used to enable cloud services, cloud computing may present different risks to an organization. We support Cloud infrastructure reference architectures.

Governing the Cloud: compliance and audit management, governance ABD risk management, information management and data security

Operating the Cloud: data center operations, incident response, identity, entitlement and access management, virtualization, traditional security, business continuity and disaster recovery, application security.

Haben wir Ihr Interesse geweckt?

 

Standort

e-ito Technology Services GmbH
Prinz-Carl-Anlage 42
67547 Worms

Kontakt

Tel: +49 6241 8544312

E-Mail: info@e-ito.de