LightSEC FOR SERVICE PROVIDERS

Transcription

1 LightSEC FOR SERVICE PROVIDERS MANAGED SECURITY SERVICES The Cloud and Mobility revolution, intensified by the quickly evolving threat landscape, heightens the challenge for businesses to secure their IT infrastructure. Now they must fight security threats that target their employees, applications, and other assets - not just on-premises, but throughout all of cyberspace. The Internet has become the new IT Enterprises and SMBs are migrating to off-premise data centers and most are already on the cloud. Their remote-access employees have no offices, nor the resources for superior protection. So, businesses are left with no other choice, but to outsource their IT security, just as they did for their IT data centers and applications. This creates a unique opportunity for service providers to provide managed security services, which supplement the communication services that they already provide. ECI s LightSEC solution enables service providers to become managed security service providers.

2 ECI S LightSEC SOLUTION TAMES CYBER SECURITY COMPLEXITY All-Inclusive Combines multiple security services to provide businesses with comprehensive protection from cyber attacks. Single platform Consolidates delivery of security services for economical initial deployment and ongoing operations. Intuitive threat assessment Aggregates all security events and network transaction anomalies on a single dashboard, facilitating identification and response to attacks and decreasing false negatives. Single Point-of-contact Interfaces with a trusted, long-standing vendor with solid expertise best practices. This eliminates the need to deal with multiple suppliers. Best of breed Integrates and leverages proven security applications from Check Point and other leading suppliers, for uncompromising security assurance. Future-ready In-service upgrades keep pace with the evolving threat landscape, providing you with peace of mind to do business. Multi-tenant A single cloud-based managed security service provider (MSSP) threat detection system provides unrivaled cost-effectiveness and ease of service delivery.

3 LightSEC ARCHITECTURE LightSEC Cloud Solution comprises the following components ECI S LIGHTSEC CYBER SECURITY SUITE A rich set of mature and innovative security services developed for today s MSSP needs, encompassing active threat mitigation as well as early warning threat detection and prevention. Among multiple network security functions, LightSEC incorporates Check Point s optimized network security functions and provides a Next Generation Firewall, breakthrough Intrusion Prevention System (IPS), URL Filtering, Anti-Malware, and more. LIGHTSEC-V TM INTUITIVE THREAT ASSESSMENT PLATFORM A comprehensive threat assessment and management platform that features an aggregated view of calculated threats from the entire cyber security suite. LightSEC-V also provides adaptive risk grading that correlates multiple security functions, so that a CSO can allocate security experts more effectively according to the apparent severity level of the alert. MERCURY TM NFV DELIVERY SOLUTION Delivers security services as virtualized network functions (VNFs) for ultimate deployment flexibility between cloud-based and customer premise locations. Mercury eliminates the dependency on diverse dedicated security appliances.using Commercial-Off-The-Shelf (COTS) technology, Mercury is available as a standalone platform, or as an integrated blade within the Neptune metro packet transport system, and comes with full Management and Orchestration (MANO) support. For application flexibility, Mercury NFV implements dynamic service function chaining to optimize risk classification and adjust the chain of security functions required to neutralize any given threat.

4 LightSEC CYBER SECURITY SUITE FUNDAMENTAL ACTIVE THREAT MITIGATION Firewall The firewall controls all incoming and outgoing network traffic by applying a designated set of rules. Simultaneously, it provides multilayer protection between trusted secure networks and non-trusted networks, filtered by five security gates. Each security gate supports intelligent security technologies suited to a specific layer including, IPsec, NAT, header analysis, user ID, data validation, full-session state management, IP/Port/User-based ACL, and URL awareness. This offering is part of ECI s alliance with Check Point and the solution implements their Next Generation Threat Prevention for multilayer security protection. IPsec VPN IPsec secures IP communications by authenticating and encrypting each IP packet of a communication session. IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). It also supports network-level peer authentication, data origin authentication, data integrity, and data confidentiality (encryption), plus replay protection. DDoS protection A real-time, behavioral-based attack mitigation application that protects the organization infrastructure. It prevents network and application downtime, application vulnerability exploitation, malware spread, network anomalies, information theft, and other emerging cyber-attacks. It constitutes a world-class security solution including Distributed Denial of Service (DDoS) mitigation and SSL-based protection, to fully protect applications and networks against known and emerging network security threats. These include denial of service attacks, DDoS attacks, internet pipe saturation, attacks on login pages, attacks behind CDNs, and SSL-based flood attacks. LightSEC DDoS protection also includes: Protection without affecting legitimate traffic A comprehensive set of security modules Accuracy of inline or out-of-path (OOP) deployment Centralized attack management, monitoring, and reporting. INTERNET-FACING ACTIVE THREAT MITIGATION Application Control Provides application security and identity control. It enables IT teams to create granular policies easily, based on users or groups, to identify, block, or limit usage of over 250,000 Web 2.0 applications and widgets. URL Filtering Integrated with Application Control, URL filtering allows unified enforcement and management of all aspects of Web security. It provides optimized Web security through full integration in the gateway to prevent bypassing of external proxies; integration of policy enforcement with Application Control for full Web and Web 2.0 protection; and UserCheck, which empowers and educates users on Web usage policy in real time.

5 Anti-Bot and Anti-Virus Anti-bot detects bot-infected machines and prevents bot damage by blocking bot command and control communications. Anti-virus uses virus signatures and anomaly recognition to block malicious files at the gateway before they can affect users. Continual updates from ThreatCloud, the first collaborative network to fight cybercrime, ensure the latest available protection measures from the ever-evolving threat landscape. Anti-Spam and Security Provides comprehensive protection for the organization s messaging infrastructure. A multidimensional approach delivers highly accurate spam protection and defends organizations from a wide variety of virus and malware threat attempts via . Continual updates assure interception of all threats before they spread. Threat Extraction Eliminates malware contained in s and web-downloaded documents. It removes exploitable content (including active content and various embedded objects) and reconstructs files using known, safe elements. EARLY WARNING THREAT DETECTION AND PREVENTION Network Anomaly Detection This breach detection and remediation solution comprises one or more network applications (physical appliances and/or virtualized delivery) together with software modules. These connect passively to the primary switches of your internal network, find compromised endpoints and stolen credentials proactively, and then proceed to flag and remediate them. The solution works in a three-step iterative process to identify and mitigate attacks, as follows: Detect - The application passively monitors network traffic and profiles the behavior of each user/endpoint. Without requiring any configuration or signatures, it detects subtle deviations in the network, based on analysis of network behavior and gathered historical KPIs. Illuminate - Further investigates traffic anomalies, automatically scans suspected traffic, and collects host-level indicators to identify the origin of suspicious activities. This unique network-centric detection and analysis, augmented by cloud-based threat intelligence, provides your security team with actionable incidents with an extremely low falsepositive rate. Remediate - The actionable information generated for each breached system enables efficient triage and remediation. The solution purposely keeps the number of alarms (and false positives) to a low manageable number, so that security officers can mitigate breaches efficiently and quickly. This can be executed early in the attack life cycle, before any real damage is done. Big Data Cyber Analytics Big Data Cyber Analytics detect patterns that may indicate malicious users and trends, to prompt action before a problem occurs. Similar to Network Anomaly Detection traffic analysis, Big Data Cyber Analytics analyzes information over time, including log files of user behavior, flagged information from deep packet inspection (DPI), and other data feeds. It employs sophisticated big-data machine learning without predefined rules, signatures, or heuristics.

6 LightSEC-V TM INTUITIVE THREAT ASSESSMENT PLATFORM REAL-TIME THREAT MANAGEMENT FOR REAL-TIME SECURITY Security challenges in today s organization environment are diverse. Threats to critical systems exist in both IT and OT (Operations Technology) environments on all protocol levels. The sheer amount of notifications, systems, and alarms cause false positives and increases the chance of a successful breach or attack. LightSEC-V addresses these challenges by displaying all critical information on a single dashboard, which enables security managers to pinpoint the sources of attack. It provides at-a-glance aggregated views of calculated threats from multiple security functions and probes. LightSEC-V presents a clear picture of all detected security threats throughout the entire network, including production and operations networks. The result is dependable prevention of attacks and breaches before they cause downtime or damage. KEY ADVANTAGES Unified Dashboard gathers relevant data, events, and incidents from network and security systems, and from all layers. It : Shows the big picture by presenting an updated cyber status of your environment Delivers centralized real-time cyber reports and notifications Offers visibility from any device, including mobile phones and tablets Aggregated Events Analysis from multiple security subsystems and cyber engines are graded into significant main alerts to: Allow drill-down and simple navigation to discover and pinpoint root causes Supply an automatic learning engine with no need for signature updates or pre-defined heuristics Provide a smooth flow of information between primary and sub-systems (on the GUI dashboard) Calculated threats presented in a user-friendly manner Centralized real-time view of the IT cyber security status combined with the operations network Future-proof growth flexibility by adding/removing third-party widgets and aggregated components Copyright 2016 ECI. All rights reserved. Information in this document is subject to change without notice. ECI assumes no responsibility for any errors that may appear in this document. Contact us to discover how ECI s holistic LightSEC solution can secure your business ABOUT ECI ECI is a global provider of ELASTIC network solutions to CSPs, utilities as well as data center operators. Along with its long-standing, industry-proven packet-optical transport, ECI offers a variety of SDN/NFV applications, end-to-end network management, a comprehensive cyber security solution, and a range of professional services. ECI's ELASTIC solutions ensure open, future-proof, and secure communications. With ECI, customers have the luxury of choosing a network that can be tailor-made to their needs today while being flexible enough to evolve with the changing needs of tomorrow. For more information, visit us at