MANAGED SECURITY SERVICES

Transcription

1 MANAGED SECURITY SERVICES

2 Security first Safety first! Security is becoming increasingly important for companies, especially for the extension of networking to mission-critical environments, with new intranet and extranet and e-commerce applications. An increasing number of companies use the services of outsourcing in the security, with the aim to delegate effectively their security infrastructures management for focusing instead on their core-business. Our range of Managed Security Services offers companies a comprehensive portfolio of managed security services, from traditional to more innovative, provided by highly specialized personnel. The suite of services is aimed at control of the security component of the infrastructure of the customer and works remotely. The Managed Security Services suite includes: Managed Firewall Managed Virtual Private Network Managed Intrusion Detection Managed AntiVirus Vulnerability Assessment Penetration Test Services are provided by the structure of the NOC (Network Operation Center) of our company, able to provide H24 operational support, delivered by certified personnel. The organization of the NOC is ISO 27001: 2005 and ensures policies and procedures in line with the need for confidentiality, integrity and availability in providing the service to the customer. More benefits for everyone The full suite of Managed Security Services is aimed at all those companies that, at low cost, wish to maintain high levels of security and control of their infrastructure, intending to focus internal resources on their core business activities. The main advantages of the adoption of services payable by the NOC, are: Reducing costs Companies outsource activities that are not its core business and reduce the cost of operations related to the ongoing monitoring of their security infrastructure (firewall, IDS / IPS, Antivirus, etc.).

3 Business Continuity Managed Security Services The Managed Security Services suite helps you identify potential security issues and resolve them proactively. This results in improved continuity of service for the network, systems, applications: a proactive approach to safeguarding your data, productivity, service to the customer. Optimizing resources Possibility for the customer to focus on their core business activities, with a focus on processes/services and technologies. The customer does not have the burden of managing complex technologies, in continues changing. A service for every need The following is the description of the main services provided. Managed Firewall The service is designed for organizations that want to connect to, or who have already connected their private LAN to the Internet. The firewall controls access between the public and private network, allows or denies access to a corporate network according to predefined policies, protecting network resources from attacks from the Internet. Client requirements depend on the size of their networks and the specific problems related to their business. For this reason, the service offers a differentiation based on different architectures and different levels of service. The goal, however, is to relieve the customer from the activities of firewall management and eliminating the need to use of internal staff with specific skills. The "Managed Firewall" is in fact a service of remote firewall management that doesn t require dedicated resources at the customer. The Advanced option integrates the Managed Firewall service based on the specialist support of a dedicated security expert. The supported platforms are: Check Point, Cisco Systems (PIX, ASA, FWSM), Clavister Firewall. There are two modes of service delivery: Management + Monitoring Just Monitoring Managed Virtual Private Network The service is designed for organizations that want to connect to, or who have already connected their remote offices or mobile employees via secure connections to the corporate Intranet. You can identify two categories of service: Site-to-Site VPN; to support secure communications on the Internet between offices of the same company (intranet) or partner companies (extranet); Client-to-Site VPN; to support secure communications on the Internet by mobile users to headquarters.

4 Managed Security Services Site-to-Site VPN e Client-to-Site VPN services canbe provided only bundled with Managed Firewall. The main service delivery features of Secure VPN are as follows: Supply, installation and configuration of the equipment side customer; Remote management from SOC via secure connection; IP Tunneling Services with IPSec (IP Security), with confidentiality (cryptography). Managed Intrusion Detection The service is designed for organizations that want to make checks on IP traffic of its infrastructure to promptly identify attempted attacks or unauthorized access. The service is provided through sensors installed on the server (host based IDS - HIDS) or via network probes (network-based IDS - NIDS) positioned in one or more key points of the network. These sensors analyze traffic and identify suspicious behavior and abnormal situations. It is possible to identify both the attacks coming from the Internet and those who may come from internal users to the network of the customer. The processing normally carried out include: Baseline features, features necessary to detect attacks (proper reassembly fragments IP, TCP acknowledgment flag...). Portscan detection, which consists in activity detection scanning of various types systems and sending the corresponding alarm. Exploit detection, consisting in search of packages due to known attacks, carried out by pattern matching (ie searching for character strings in particular traffic) and sending the corresponding alarms. The supported platforms are: Cisco IDS (NIDS and HIDS), ISS (NIDS and HIDS), Snort (NIDS). Managed Antivirus The management services of antivirus systems are a value-added service. They can be configured to work in close synergy with the systems of firewalling. The service offers protection at all levels of the company: Desktop & Client - Virus Protection for the end user of the business and home user. Mail and Collaborative Systems - Protection against viruses to Lotus Notes, Microsoft Exchange, and Hewlett-Packard OpenMail. Internet Gateway - Stops viruses protocols SMTP, HTTP, and FTP at the gateway. Data and Archives - Protection against viruses to groups of servers and domains.

5 Management - Centralized control strategy in the enterprise antivirus. The supported platforms are: TrendMicro, Sophos. Vulnerability Assessment Managed Security Services The service "Vulnerability Assessment" is intended to verify objectively the safety of a corporate network and provide useful information for the management of security systems and related policies; It is given that this is a service that analyzes the security of an architecture according to a bottom-up approach, going to check the security mechanisms of a corporate network. The basic approach is to identify the possible "breaches" by operating one "scanning" on the nodes of the network of the customer on Internet facing (including firewall, Web Server, FTP Server, DNS Server, Router, etc...), a station remote management and with the support of a repository of known vulnerabilities and continuously updated. The analysis result is a report that puts the customer in a position to: clearly identify vulnerabilities emerged; be able to plan any interventions in specific areas of the network. The service standard is periodic (monthly / quarterly) but can also be requested by the customer one-off for a first vulnerability assessment of the network or in the case of evolution of the network itself. Penetration Test The service allows you to check the level of robustness of the security policy implemented on the internal network. It is provided on-site with the presence of a security specialist that works hacking "controlled" within the network of the customer. The activities illustrate concretely the potential of attacks on systems, without taking them to their practical consequences and without harm, but by testing the feasibility. Certified quality The service delivery takes place throughout the country. Services are provided by the NOC of the customer connected to the network via the Internet with secure IP sessions. In addition to the main link, it can be activated a dial-up on the public switched network to reach out-of-band devices to manage, in the case the network infrastructure customer is out of service. The service delivery calls for compliance with Service Level Agreement (SLA) with two possible time profiles: FULL SLA, which guarantees a full time coverage H24; SLA Working Hours, which guarantees a limited time frame (Mon-Fri, 9: 00-18: 00).

6 The features most 'significant service are: Certified Security Engineers Availability H24 Support in Italian Advanced troubleshooting and escalation technique Managed Security Services Direct channel to Tech Support Vendors. Certified partnership with Technology Vendor Certification - The organization of the NOC is ISO27001 certified, ensuring policies and procedures in line with the need for confidentiality, integrity and availability in providing the service to the customer.