inlife Managed Security Service (MSS)


Introduction

Keeping networks and data secure is an essential operational requirement for any organisation. The increase in complexity of networks and applications, the number of external threats and the multitude of different network device and access types mean that the task of managing network security can be difficult and time consuming. Businesses' increasing reliance on unified communications solutions and networked tools means that security breaches are considered to be major operational risks. For many organisations, defining, implementing and continuing to enforce a security policy can be very time consuming and costly. The global nature of the internet means that threats can originate at any time from any part of the world, so constant vigilance is required to detect and counter attacks.

At BT we work in partnership with you to identify and understand your security needs and design a solution that cost effectively meets those needs. We have a wide range of tools and services at our disposal that are supported by our own internal UK based security experts and externally through partnerships with industry leading specialists such as Cisco and Fortinet.

In addition to our consultative approach to solution design, BT offers a 24/7 Network Management Centre (NMC). Our UK based NMC ensures equipment is operating correctly and that the most up to date configuration and security checks and rules are in place. Our Technical Support Centre also provides support for technical queries, schedules configuration changes and arranges to replace failed or faulty equipment with an onsite engineer if required.

In order to assist you with network security issues or in risk analysis when deploying new technology and applications, BT offers a range of professional services. These include ad-hoc requests for consultancy, network and data security audits, configuration optimisation and testing activities to help ensure that your business systems remain available and secure.

Overview

The underlying technology behind the inlife Managed Security Service is provided by Fortinet, Inc. Fortinet is the pioneer and market-leading provider of ASIC-accelerated Unified Threat Management (UTM) systems. Fortinet solutions were built from the ground up to integrate multiple levels of security protection - including Firewall, Anti-Virus, Intrusion Prevention, Web Content Filtering, VPN, Spyware prevention and Anti-Spam - providing customers an efficient way to protect against multiple threats as well as blended threats. Fortinet solutions offer advanced security functionality that scales from branch office to central office solutions with integrated management and reporting.

Fortinet solutions have won multiple awards around the world and are the only security products that are certified eight times over by the ICSA (Firewall, Anti-Virus, IPSec, SSL, IDS, Client Anti-Virus detection, cleaning and Anti-Spyware). Fortinet products and solutions have met rigorous industry certifications and type approvals, including EAL4+ certification, and have been field-proven by service providers and enterprises worldwide.

The FortiGate UTM appliances are dedicated, hardware-based devices that deliver complete, real-time network protection services at the network edge. Based on Fortinet's revolutionary FortiASIC Content Processor chip, the appliances can detect and eliminate viruses, worms, and other content-based attacks even for real-time applications like Web browsing.

The inlife MSS (Fortinet) offers a range of service levels allowing the provision of a security service that can replace, complement or reinforce existing services. The comprehensive set of features includes:

- Fully Managed Firewall
- Fully Managed Site-to-Site VPNs (Hub and Spoke or Fully Meshed)
- Fully Managed Remote Access VPNs (IPSec, PPTP, SSL)
- Fully Managed Perimeter Anti-Virus (including Spyware and various other Grayware threats)
- Fully Managed Perimeter Intrusion Prevention
- Fully Managed Web URL Category Filtering
- Fully Managed Instant Messenger Filtering
- Fully Managed Peer to Peer Traffic Detection, Rate-Limiting or Blocking
- Fully Managed Email Filtering Service
- Provision of Advanced Logging and Reporting
- Remote Monitoring
- Fault Management
- Change Management
- Configuration Management
- UK-based Technical Support Desk
- Remote Software Update Management

These features are detailed in the following sections.

Feature Details

The inlife MSS (Fortinet) is a fully managed security service that provides a comprehensive suite of security, support and reporting features that are designed to protect a customer's network and resources. The following sections provide an overview of the features that are available as part of the managed security service.

Managed Firewall

The FortiGate UTM appliance integrates a fully featured, ASIC-accelerated, high performance firewall that has attained ICSA Version 4.0, FIPS 140-2 and Common Criteria EAL4+ certification, thereby ensuring that the solution can successfully screen and secure networks and environments against a range of threats from public or other un-trusted sources. A wide range of firewall configuration options are provided by the BT MSS. These include:

- The ability to control all incoming and outgoing traffic to/from the protected network
- The ability to specify traffic to be encrypted (including the ability to apply advanced content inspection to traffic traversing VPN tunnels, e.g. virus scanning)
- The ability to control when individual firewall policies are in effect (time/day scheduling)
- The ability to accept or deny traffic to individual addresses or groups of addresses
- The ability to require users to authenticate before gaining access through the firewall (e.g. authenticate users before granting web browsing privileges)
- The ability to set traffic shaping priorities to specific traffic flows and guarantee or limit bandwidth per application
- The ability to perform Network Address Translation (NAT) or Port Address Translation (PAT) in order to hide the internal IP addressing scheme
- Configure Virtual Security Domains and Security Zones

Managed Virtual Private Networks (VPN)

The FortiGate UTM appliance provides IPSec VPN functionality whose performance has been certified by ICSA, and includes all standard IPSec features such as support for DES, 3DES and AES encryption, Perfect Forward Secrecy (PFS), NAT traversal, Dead Peer Detection, Main and Aggressive mode, etc. The FortiGate UTM appliances are fully IPSec-compliant and have been deployed by BT to create VPNs to other vendors' IPSec-compliant devices, including Cisco Systems PIX/ASA firewalls, routers and VPN concentrators, Juniper Netscreen firewalls, Watchguard, Checkpoint and other vendors' VPN appliances. Remote Access VPNs are also supported for IPSec, PPTP and SSL. The BT MSS provides the necessary configuration tools and services to fully manage customer VPNs.

Managed Perimeter Anti-Virus

The FortiGate UTM appliance provides perimeter protection against the latest in-the-wild Viruses, Worms, Spyware, Malware and other Grayware categories. The solution is designed to stop viruses and other malicious traffic at the network perimeter. Fortinet's Day Zero protection technology offers protection against newly developed attacks. The BT MSS ensures that the most up-to-date signatures are deployed to customer appliances in a timely manner to minimise the risks associated with external viral threats.

Managed Perimeter Intrusion Detection and Prevention (IPS)

The FortiGate UTM appliance provides Intrusion Detection and Prevention capability that combines signature and anomaly detection and prevention techniques. Suspicious traffic can be detected and prevented from entering the network and detailed attack logs and reports can be created. The BT MSS provides configuration management to ensure IPS performance is optimised and IPS reporting to show what threats have been detected and managed.

Managed Web URL Category and Web Content Filtering

The Web URL Category filtering solution provided as part of the FortiGate UTM appliance is an advanced, fully managed service. The heart of the Web URL Category filtering solution is the in-the-cloud Rating Service, which is one of the world's most comprehensive Web URL Rating Services and contains over 26 million rated domains, with several billion rated URL Web pages (the Web Mail category alone allows control of over 90,000 domains). The BT MSS provides the ability to configure the category and content filtering policy to meet evolving business needs.

Managed Email Filtering

The FortiGate UTM appliance provides a managed email filtering service that is designed to prevent the majority of spam emails reaching your protected email server. The BT MSS provides the ability to configure the filtering policy and specific rules associated with email filtering.

Managed Peer to Peer Detection, Rate Limiting and Blocking

The FortiGate UTM appliance can detect common Peer-to-Peer application usage, such as music and video sharing, and take the appropriate action based on the configured security policy. Granular policies can be applied so that individual users or groups of users have specific Peer-to-Peer application usage privileges. Peer-to-Peer applications can be allowed or blocked, or rate-limiting profiles can be created and applied to specific Peer-to-Peer applications. The BT MSS provides the ability to configure the detection rules, limits and blocking policies associated with the monitoring and control of peer to peer activities.

Managed Instant Messenger Filtering and Controls

The FortiGate UTM appliance can detect common Instant Messaging (IM) protocol usage (e.g. AIM, ICQ, MSN, YAHOO) and appropriate action can be taken based on pre-defined security policies. The service can automatically detect IM users and provides granular filtering and blocking capability. Lists of trusted and un-trusted IM users can be created. Access controls can be put into place to block IM messages, file transfers, photo sharing and audio. IM chat sessions, file transfers, voice chat connections and attempts to access blocked IM services can be logged and reports provided. The BT MSS provides the ability to configure the security policies, lists and rules associated with the monitoring and control of IM activities.

Remote Monitoring

The BT NMC will monitor the status of the installed Fortinet appliances on a 24 x 7 x 365 basis. All appliances are polled every 2 minutes to confirm the status of the installed hardware. In the event of a loss of communication to the inlife MSS (Fortinet) appliance, the customer's nominated contacts will be notified by telephone and email.

Fault Management

The centrepiece of our inlife MSS capability is the BT resilient Managed Security platform. This platform is in our audited and secure Network Management Centre (NMC), which is fully manned 24x7 using ITIL based processes and has ISO 9001 accreditation. The BT operators that will monitor the Fortinet appliances are common with the first line desk, which provides the incare maintenance service, to provide a fully coordinated end-to-end fault management capability. The front line service desk is fully underpinned by a systems team, and resolution groups including FCNSP & FCNSA qualified engineers.

The Fault Management service is provided using a dedicated platform and best of breed management applications. This suite of applications not only provides the BT monitoring staff with up/down status of the servers and devices in the network, but also rich information about the performance of the security applications. In addition to firmware and signature version monitoring, specific appliance characteristics such as processor load, disk usage and memory utilisation are monitored to check appliance health and performance.

This rich variety of monitored parameters not only allows the BT operators to see a wider variety of fault conditions, often before they become user affecting, but also allows for swifter diagnosis of problems and hence, faster and more efficient restoration of service. The monitoring information is collected from your appliances via an internet VPN. The information is then used to generate monitoring faults, warnings and alarms for the operators in Oswestry and Oxford.

Configuration Management

On a daily basis, the BT NMC will collect the configuration files from all installed FortiGate UTM appliances. These configuration files are stored securely for the lifetime of the contract, providing the ability to roll back to previous configurations should this be required. In the event of a hardware failure, the last known working configuration is loaded onto a replacement unit (if required) prior to despatch to ensure rapid service restoration and improved business continuity.

Firmware Management

On a regular basis or when a security vulnerability is discovered, the versions of FortiOS deployed on Fortinet appliances are reviewed to identify where firmware upgrades are required. The appliances are then remotely upgraded from the BT NMC.

Logging and Reporting

The FortiGate UTM appliance provides detailed information on application activity. The MSS platform retrieves this information and an advanced logging and reporting functionality provides customers with a series of customisable network security reports, via a secure web portal. The reports include:

- System Event Reports
- Firewall Traffic Reports
- Anti-Virus Activity Reports
- Intrusion Detection and Prevention Reports
- VPN Usage Reports
- Web URL Filtering Reports
- Instant Messenger Reports
- Peer-to-Peer Activity Reports
- Anti-SPAM Reports

The monthly reports are generated by a dedicated Reporting Server and are made available to customers either online or by FTP download. The BT NMC will inform customers of the availability of these reports. BT will store 3 months of logged data and the last 3 months' reports. All other data will be overwritten, thereby releasing resources on the Reporting Servers. Customers can add further reports to their reporting schedule by using changes from their Remote Adds, Moves and Changes (RMACs) allocation.

Technical Support and Configuration Change Requests

The BT NMC will provide support for network security issues and technical enquiries relating to the installed FortiGate UTM appliance on a 24 x 7 x 365 basis. Requests for service can include fault reporting, configuration change requests and general technical queries or requests for support relating to Fortinet appliances and services. All requests for technical support by customers will be made via telephone or email to the BT NMC, who will log a helpdesk call and supply a helpdesk call reference number to the customer.

Each configuration change request delivered through the RMAC service will be documented and a clarification email will be sent to the customer prior to the change(s) being performed. Configuration change requests are categorised as major and minor. Up to 10 smaller (minor) requests can count as one major MSS RMAC, but only if they are all requested at once. Please see Appendix A for a description of and MSS RMACs.

The service permits customers to log requests 24 x 7 x 365. RMACs will be actioned in line with the SLA associated with the MSS service level. Unused RMACs are not rolled into the following year, but if additional RMACs are required, these can be purchased in blocks via the BT Account Manager.

Service Levels

inlife MSS (Fortinet) has three service levels; the features provided by each are listed below.

Standard MSS: Status Checking
- Key Security Features: Customer Managed
- Technical Support
- Remote Monitoring
- Configuration Management: Customer Managed
- Firmware Management: Customer Managed
- Signature Updates: Customer Managed
- RMACs per Annum: 0
- Reporting: Customer Managed, availability report

Plus MSS: Managed Firewall & VPN
- Key Security Features: Firewall, VPN
- Technical Support
- Remote Monitoring
- Configuration Management: Daily Configuration Backups
- Firmware Management: Managed by BT
- Signature Updates: Not Applicable
- RMACs per Annum: 60 (8am-6pm Mon - Fri)
- Reporting: Monthly Security Event Reports

Premium MSS: Managed Firewall & VPN
- Key Security Features: Firewall, VPN, Anti-Virus, Intrusion Detection and Prevention, Category Web URL Filtering, Email Filtering
- Technical Support
- Remote Monitoring
- Configuration Management: Daily Configuration Backups
- Firmware Management: Managed by BT
- Signature Updates: Managed by BT
- RMACs per Annum: 120 (24 x 7 x 365)
- Reporting: Monthly Security Event Reports

Appendix A

MSS RMACs Classification

The following table outlines specific MSS RMAC requests that are available on the supported Fortinet appliance. Each entry gives the feature, followed by the change type.

Routing
- Static: Addition/Deletion/Modification of Static Routes (Please note that no modification of default route is permitted)
- Policy Based: Addition/Deletion/Modification of Policy Based Routing
- Dynamic Routing: RIP, OSPF, BGP, Multicast Routing Configuration

Firewall
- Policy: Addition/Deletion/Modification of firewall policies
- Address: Addition/Deletion/Modification of firewall object addresses and address groups
- Service: Addition/Deletion/Modification of Custom Services and Service Groups
- Schedule: Addition/Deletion/Modification of Firewall Schedules
- Virtual IP: Addition/Deletion/Modification of Virtual IP NAT Translations, Virtual IP Groups and IP Pools
- Protection Profiles: Deletion/Modification of existing Firewall Protection Profiles (including amendment of components)
- Protection Profiles: Addition of new Protection Profile (including configuration of all components)

VPN
- IPSec: Addition/Deletion/Modification of IPSec Site to Site VPN
- IPSec: Addition/Deletion/Modification of Remote Client IPSec VPN
- IPSec: Addition/Deletion/Modification of IPSec Remote Client Users and User Groups
- IPSec: Provision of FortiClient .vpl file (VPN Profiles) *
- PPTP: Addition/Deletion/Modification of PPTP Remote Client VPN
- PPTP: Addition/Deletion/Modification of PPTP Users and User Groups
- SSL: Addition/Deletion/Modification of SSL VPN
- SSL: Addition/Deletion/Modification of SSL Users and User Groups

Users
- Local: Addition/Deletion/Modification of Local User Database
- Radius: Addition/Deletion/Modification of External Radius Authentication Server Configuration
- LDAP: Addition/Deletion/Modification of External LDAP Authentication Server Configuration
- Active Directory: Addition/Deletion/Modification of Active Directory Authentication Server

Anti-Virus
- File Pattern: Addition/Deletion/Modification of File Pattern rules
- Quarantine: Not Supported (N/A)
- GrayWare: Modification of GrayWare Configuration

Intrusion Protection
- Signature: Addition/Deletion/Modification of any Intrusion Prevention Signature **
- Anomaly: Modification of Intrusion Prevention Anomaly Detection rules **

Web Filter
- Content Block: Addition/Deletion/Modification of Web Content Block and Web Content Exempt lists
- URL Filter: Addition/Deletion/Modification of URL Filter lists
- FortiGuard: Addition/Deletion/Modification of onboard FortiGuard Web filter categories

Anti-SPAM
- Banned Word: Addition/Deletion/Modification of Banned Word List
- Black/White List: Addition/Deletion/Modification of Black/White List

IM/P2P
- User List: Addition/Deletion/Modification of IM/P2P User Lists
- Config: Modification of IM/P2P Global Configuration

Miscellaneous
- DHCP: Addition/Deletion/Modification of DHCP configuration on any interface
- HA: Modification of HA Configuration
- SNMP: Enabling Customer SNMP Read-Only access
- Replacement Messages: Modification of Replacement Message
- Admin: Addition/Deletion/Modification of Customer Read-Only Admin account
- Logging: Enabling Syslog logging to customer Syslog server
- Fault Reporting: Investigation and rectification of reported faults
- Reporting: Adhoc Report Generation
- General: Requests for general configuration and feature advice
- CLI Changes: Any changes made via the CLI

* FortiClient support includes FW/VPN feature support only. This includes installation assistance and guidance, provision of .vpl files, troubleshooting Remote Access VPN connectivity issues and general advice and guidance relating to the FortiClient FW/VPN functionality. BT currently do not support issues relating to the FortiClient Anti-Virus, IPS or Web Filtering functionality, however, BT will provide documentation and open support issues directly with Fortinet regarding these features (Please note that this support is based on best endeavours). BT also do not support specific OS or end-user device issues.

** Please note that the Intrusion Prevention (IPS) feature will be installed with the default signature configuration as supplied by Fortinet. If the IPS feature is to be tuned, customers must inform the BT Pre-Sales Department of this requirement prior to installation. The BT NMC will configure individual signatures as part of a specific change request, however, large scale tuning and configuration of the Intrusion Prevention (IPS) feature will require additional consultancy.

*** Any change not listed above will be considered to be.

Things you need to know:

BT IT Services Limited. Registered Office: 3 Midland Way, Barlborough Links, Barlborough, Chesterfield, S43 4XA. Registered in England No. 02277581.

The services and equipment described in this publication are subject to availability and may be modified from time to time. Services and equipment are provided subject to IT Services respective standard conditions of contract. Nothing in this publication forms any part of any contract. BT IT Services Limited 2014.