Security & intelligence

Compliance and governance

IT governance, risk management and compliance remain the most challenging organizational disciplines to understand, implement and maintain. Few businesses have the internal resources and visibility required to formulate clear processes and policies around governance risk and compliance. Organizations considering moving IT assets or applications face a bewildering array of compliance and governance options and certifications. Organisations commonly ask themselves these questions when developing their own compliance roadmap and strategy:

  • Do I need to bring in an outside auditor or can I conduct a self-audit?
  • For which certifications can I leverage my data center provider?
  • What are my competitors doing in terms of compliance?
  • Should my strategy be the same?
  • What will my clients expect of me in the sales process?
  • Which certifications do I need to achieve directly?

The key to successfully navigating the compliance waters is to determine which of the many available certifications are relevant to your business and which add more cost and complexity to your business than they’re worth. Given that each of the common compliance standards is accompanied by significant costs, correctly identifying the requirements from your internal stakeholders and clients is a critical initial step when developing your compliance strategy.

CONTROL OBJECTIVES VERSUS CONTROL PROCEDURES AND ACTIVITIES

Control objectives provide high-level goals that organizations try to achieve using policies, procedures, and systems. Control procedures and activities are the actual policies and procedures that are put in place to achieve the objectives.Best practice versus prescriptive standards‘Best practice’ standards define control objectives, goals or methods that work across many organizations but allow organizations to choose which ones to use and how to implement them. ‘Prescriptive’ standards provide detailed control requirements that need to be met exactly as outlined in order to meet the standard.

ATTESTATION VERSUS CERTIFICATION

Attestation is the result of an audit conducted to measure compliance with control objectives set by an organization. The auditor measures whether the control objectives are met by the control procedures in place. The auditor attests to the organizations ability to meet its own standards but does not determine whether the standards are valid. In this case, because there are no prescriptive standards, there’s no easy way to compare organizations simply by establishing whether an attestation standard has been completed.

Certification is the result of an audit conducted to measure compliance with prescriptive standards. The auditor can explicitly certify whether those standards have been met. From a buyer’s perspective, these standards can be used to directly compare service providers given that the standards for each organization are the same.

A POOR FOCUS ON PROCESSES AND POLICIES AFFECTS YOUR ABILITY TO

Achieve and maintain compliance standards in line with your industry or country requirements. Effectively budget and spend on controls that may not be relevant. Enforce security policy. Manage security to industry standards such as ISO 27000. Measure and report on risk posture and security governance status. Share metrics with the business to align IT security with the rest of your organization. Standardize to best practice standards across systems and locations.

NETWORK GOVERNANCE AND COMPLIANCE NETWORK ASSESSMENTS

  • ISO 27000 gap analysis.
  • Risk management.
  • Vulnerability management.

Governance, Risk and Compliance Assessment provides you with a rounded view of your current IT security risk profile against the industry standard risk indices of confidentiality, integrity, availability and audit. It’s designed to enable you to make informed decisions regarding immediate priorities – as well as strategic business plans to improve security, determine return on investment and manage risk. A discussion about your governance, risk and compliance may uncover the need for our Managed Secure Infrastructure Services, which assist you in the operational management of your security infrastructure.

NETWORK SECURITY RISK PROFILE

Gain the benefits of increased efficiencies and measurable results.

Better communication with all stakeholders in metric-based business language. Faster, cheaper and better regulatory audits and risk assessments. Fewer resources required to collect and analyze data. Focused technology spend – you can apply the right controls to the right systems. Standardized and controlled best practice across systems and locations. The ability to identify critical risks in your technology environment.

COMPLIANCE AND GOVERNANCE NETWORK SECURITY SERVICES

Our Security Architecture Assessment is a flexible engagement through which we undertake a detailed assessment of your security architecture, from policies to technical controls.

Managed Secure Infrastructure Service – Leave it to us to provide end-to-end operational management of your IT and security assets.

Technology Life cycle Management Assessment – This engagement will give you complete understanding of, and visibility into, the security health of your networking environment.

Up time Support and Maintenance – We provide proactive, multi-vendor support and maintenance services to help you maximize the availability of your IT estate while optimizing your total IT support spend.

NETWORK SECURITY ASSESSMENTS

A review of the current state of your security architecture should form part of your ongoing security improvement initiatives. A security architecture includes the unified and integrated design, implementation, and operation of security practices across your organization. This will enable you to formulate a plan to manage risks, maintain compliance with external regulations and contractual mandates, or at least align to industry best practice.

Our Security Architecture Assessment is a flexible engagement through which we undertake a detailed assessment of your security architecture, from policies to technical controls. Delivered through a choice of three service models, the outcome is a specific set of recommendations that allow you to apply your resources and controls in the most effective way to protect key assets. Combined with a remediation road map, the results can be used to build a budget and resource plan, or simply align to an existing strategy for confirmation and reassurance.

NETWORK SECURITY ASSESSMENTS INCLUDE

An interactive workshop to assess your current and desired state. Recommendations for improvement.

The development of a security road map based on business and technology initiatives. The option to choose from a selection of security assessments that assess the security landscape.

Networdk Access Control

OVERVIEW

As the proliferation of mobile devices and corporate BYOD adoption increases, revenue and productivity can rise – but so can exposure to risk. Managing non-standard, heterogeneous devices can often introduce malware into the corporate network. With Network Access Control (NAC) Managed Services, you can rely upon a team of security experts to obtain proactive management, maintenance and monitoring to keep your network, systems and data safe.

Managed Network Access Control (NAC) enables granular control over network access and continuous monitoring of corporate-sanctioned and bring-your-own-device (BYOD) endpoints. This can help you to prevent the spread of malware and other threats that can harm infrastructure and leave your business vulnerable to attack and data loss. Our services include management of your industry leading NAC products.

NAC MANAGED SERVICES PROVIDES

24×7 support from the Security Operations Center (SOC), staffed with security engineers who have in-depth knowledge and experience working with complex network environments for highly distributed environments.

Network Access Control Diagram

SAVE TIME AND REDUCE EXPENDITURES

Security Managed Services are available through the cloud and managed security services platform. This is the portal through which businesses access a variety of subscription–based Trustwave offerings, ranging from enterprise grade managed security services to compliance and security automation tools for small, medium, and large sized businesses. The threat research team is a skilled group of engineers that will handle your network security initiatives. Increase up time by preventing security infections and keeping malware out. Compliance support for regulation compliance and industry standards, including PCI, FFIEC/GLBA, SOX, HIPAA and more. We have deep expertise in compliance and can help you navigate the complexity of these mandates.

SERVICE FEATURES

Trustwave Managed NAC services include a scalable solution designed to help safeguard any network infrastructure, providing protection for all endpoints, managed and unmanaged. We combine agentless NAC with zero-day threat prevention, automated policy enforcement and network intelligence to deliver a unified view of endpoint activity and powerful analysis of your network’s history and usage. Together, these features deliver comprehensive endpoint control and offer security checks throughout the lifecycle of a device’s network access. Network Access Control Managed Services Include:

  • Agent–less deployment with technology that delivers uninterrupted, full lifecycle pre- and post-admission monitoring support.
  • Centralized management administers and monitors all devices and policies from a central console.
  • Improved network threat prevention via automated detection and restriction of non-compliant devices based on device type, vulnerability assessment, potentially malicious behavior or infection.
  • Integrated support of BYOD through mobile device security solutions portfolio, delivering automated protection for the network.
  • Real-time detection and control for managed and unmanaged assets on the network.

NETWORK ACCESS CONTROL MANAGED SERVICES

The NAC security managed services Security Operations Center (SOC) network enables us to offer managed services for vendor products, including from Trustwave, Cisco, Fortinet and Juniper Networks and others, all backed by certified expert staff. Our SOC provide 24×7 support, staffed with security engineer professionals who have in–depth knowledge and experience working with complex network environments for highly distributed environments.

NETWORK INFRASTRUCTURE SECURITY SERVICES

As attackers find new ways to exploit infrastructure vulnerabilities, enterprises must upgrade their network security capabilities. Learn more about our approach. Our security teams can assist you to realize your security objectives through our network security services. Technology Lifecycle Management Assessment; This engagement will give you complete understanding of, and visibility into, the security health of your networking environment. Leave it to us to provide end-to-end operational management of your IT and security assets. Our Security Architecture Assessment is a flexible engagement through which we undertake a detailed assessment of your security architecture, from policies to technical controls.

We provide proactive, multi-vendor support and maintenance services to help you maximize the availability of your IT security estate while optimizing your total IT support spend. Network security has multiple touch-points across your business. Let us help you ensure that all your security needs are met. As new security threats continue to arise and evolve, a robust security posture is critical to protect your business, your assets and your reputation. With secure mobile access you can accelerate the productivity of your workforce and embrace innovation – while protecting sensitive data. We assist you to protect the data that matters wherever it is in the organization – at rest or on the move.

NETWORK SECURITY CHALLENGES

The sheer size of enterprises’ networks – let alone the volume of devices and data running on those networks – leaves them open to attacks. These malicious hacks can spread from individual end-users; throughout an organization’s systems and infrastructure, out to entire industries. Traditionally, network security has used tactical policies such as device hardening and firewall audits. But reliance on security point solutions and triage of hacks after they occur is not enough. Companies need to take a dual approach, on a tactical level detecting where vulnerabilities are located and how they can be fixed, and on a strategic level ensuring their networks are designed with security in mind and kept secure, up-to-date and compliant.

NETWORK SECURITY CONSULTING SERVICES

We provide a strategic roadmap for companies to secure their infrastructure, reduce the likelihood of a breach, ensure regulatory compliance and reduce costs. Our expertise in security, networking, datacenter and infrastructure is combined with specialties in IoT and mobility, multi cloud, and compliance with HIPAA, PCI, NIST and other industry standards. We use open-source tools and established partnerships to bring clients custom solutions, providing visibility into network security gaps along with detailed plans addressing how to close these gaps and protect against potential threats.

With many technologies making claims to completely eliminate or mitigate threats with a single point hardware or software solution, we can help companies understand what solutions they have in place, how those solutions interact, and the degree of protection afforded. Scope includes threat protection, detection, and prevention, as well as firewall audits and incident response. We can also help companies combat constantly evolving threats by using our Cyber Risk Management, a comprehensive next generation approach to enhance controls, regularly scan for threats and test of infrastructure, and train employees and business partners.

NETWORK SECURITY MANAGEMENT SERVICES

Managing network security services is often challenging. Accomplishing this in the changing landscape of mobile workers, virtual data centers, and cloud computing-based services adds more complexity. To address these challenges, we offer centralized operational tools, such as enterprise-grade Security Manager, to simplify and help you manage your entire network security deployment.

In addition, we partnered with best-in-class technology vendors to deliver Security Information and Event Management (SIEM) systems that have been pre-tested and validated with security products. This variety of management options give you the flexibility to choose the network security management solutions best suited to your environment and business needs.

NETWORK SECURITY SOLUTIONS SERVICES

Network security solutions services provide qualification and quantification of actual threats to protect your assets, information and brand reputation ensuring IT compliance with security, legal and other standards. We create a security infrastructure with the right security policies, processes, architecture and expertise in place clearly and accurately report risk status and return on security investments back to the business which reduce the cost and complexity of managing multiple security vendors and support contracts. We will be your single point of contact and accountability. Our consultants make informed decisions about immediate priorities and strategic business plans to improve security and advisory services on implementing an effective cloud security and mobile security strategy.

Organizations can replace capex with opex through our outsourced and managed security services gaining access to and leverage otherwise scarce and expensive security specialists. Engage our security professionals that are recognized for their depth of expertise and passionate client delivery − our connected teams will deliver the best solutions to your security needs, anywhere in the world!

NETWORK SECURITY THREATS

A constantly evolving landscape of APTs and other security threats – increased IT compliance pressure – demand from your business stakeholders to provide robust security for virtualization, enterprise mobility, and cloud computing … enterprise security is a complex and fast-moving target. The stakes are high. A security breach could expose your business to financial and reputational damage. Non-compliance with legal and other standards can result in steep penalties − and even criminal liability. Enterprise security isn’t something you can afford to get wrong. Yet it remains one of most challenging organizational disciplines to understand, implement and maintain.

If these challenges sound familiar, we can assist you. As the world’s largest security integrator by revenue, we have a thorough understanding of global security and IT risk management. Our security specialists deliver the visibility, awareness and protection you need to hit all your IT security targets through our ability to create, integrate and manage your security infrastructure in a way that supports your business goals. We have a broad portfolio of security services coupled with proven technologies from a select group of innovative partners. a deep, broad set of security expertise and passionate client delivery through our connected teams who can deliver the best solutions to your security needs.

Datacenter Security

OVERVIEW

Organizations today face an unprecedented number of security threats. The sheer quantity of risks only promises to grow as employees, customers and partners embrace new trends and innovations, and regulators worldwide attempt to keep pace by safeguarding privacy and sensitive data. Cyber Network Security Services help organizations gain greater visibility and control over assets and sensitive information across the enterprise. Our specialized services can help your organization stay ahead of threats and interact securely with customers, employees and partners. Organizations large or small can fall victim to a cyber security threat. So robust prevention and rapid response must form the core of any data and network security program. We offer turnkey and custom cyber security solutions that feature field-tested products and services from proven vendors. Our consultative, vendor-agnostic approach provides multiple options for on-premise, virtual, and cloud-based deployment.

SECURITY MANAGED SERVICES

As a complement to our security offerings, our Managed Services provides customers with ongoing support, IT ownership, 24/7 monitoring, alerting and reporting options. Four key solutions exist to compliment a customer’s security staff and provide a proactive monitoring, ongoing management, incident response and remediation. It covers multiple security technologies such as next generation firewall, unified threat management, advanced persistent threat, network access control, security remote access (SSL), secure email, Intrusion Protection System and Session Boarder Controllers. Gartner, Inc. estimates that for every $5.62 a business spends after a breach, they could spend $1 prior on protection to prevent intrusions and minimize damage. Source: “Companies Wrestle With the Cost of Cyber security,” The Wall Street Journal, February 25, 2014.

NEXT-GENERATION THREAT PROTECTION

Next-Generation Threat Protection secures sensitive information that passes through your networks by reducing the complexity and simplifying the management of firewall services. This service enables you to centralize the management of security policies across your entire organization and control threats to applications, data and users. Our solution includes:

  • Advanced threat protection.
  • Application control.
  • Firewall platform management.
  • Firewall policy
  • management.
  • Real-time monitoring and alerting (SIEM).
  • Threat management services.
  • URL/Web filtering.

FIREWALL RULESET ASSURANCE

Firewall Ruleset Assurance (FRA), a comprehensive management tool, helps your organization continuously analyze, visualize and improve existing network security infrastructure. This service minimizes the possibility of a security breach through the active management and review of firewall rules and policies. Our solution includes:

  • FRA platform management.
  • Policy change monitoring.
  • Ruleset analysis and reporting.

NETWORK INTRUSION DETECTION AND PREVENTION

Network Intrusion Detection and Prevention supports organizations that require a comprehensive solution to detect, prevent and respond to attacks on their infrastructure. This solution can help you more quickly detect and respond to unwanted intruders. Our solution includes:

  • IDS/IPS platform management.
  • IDS/IPS policy management.
  • Incident reporting.
  • Monitoring and alerting.

ADVANCED THREAT DETECTION

Advanced Threat Detection provides real-time intelligence, adaptive protection and rapid response capabilities to combat today’s advanced persistent threats and targeted network attacks. With this service, our Risk Management Center analysts are immediately alerted to potentially dangerous events aimed at your infrastructure and can help reduce your exposure to attacks and other targeted threats. Our solution includes:

  • Platform management.
  • Network monitoring and analysis.
  • Threat alerting.

DATA LOSS PREVENTION

Data Loss Prevention (DLP) is an integrated solution that combines both endpoint and network-based controls to protect customer-defined sensitive data. Our layered architecture enables you to protect data against unintentional breaches, regardless of whether that data is stored on the network or on a disconnected endpoint. Our solution includes:

  • DLP platform management.
  • DLP policy management.
  • Policy compliance reporting.
  • Protection of data at rest and in motion.

CYBER SECURITY SERVICES

We help customers understand what they need to meet their security and compliance goals. Our products and services include:

  • Always-on, secure remote access solutions with device management and work-home application segregation.
  • Anti-spam, anti-malware, and anti-phishing for inbound email.
  • Data loss prevention and identity-based encryption for outbound email.
  • High performance, low latency, behavior-based DDoS mitigation solutions.
  • In-depth traffic analysis and a consolidated security view.
  • Load-balancing, encryption offload, and content-based routing to improve web application performance.
  • Next-generation firewalls with unified threat management.
  • Network access control for wired and wireless networks.

SECURITY SPECIFIC-PRODUCTS

Once we have a firm understanding of a customer’s current environment, we assist with an extensive list of proven products and services to address any gaps. Our consultative approach provides multiple manufacturer and deployment options for on-premise, virtual and cloud based solutions. Each manufacturer is selected to provide specific security functionality to solve customer needs. Each product can be deployed to complement the customer’s existing security solutions or to consolidate security offerings without the loss of functionality or performance.

SECURITY PROFESSIONAL SERVICES

Security professional services consist of many individual security services separated into four key groupings. These security offerings are designed to help organizations take the initial steps to either build a security program or improve their current program with industry-recognized services. The security offerings can be applied as a system or as individual services:

  • Advisory and assessment.
  • Compliance and regulatory.
  • Incident response.
  • Profiling and privacy.

DDoS Security

OVERVIEW

Organizations today are interacting more than ever with their customers, employees and partners through websites and applications. This increased web presence represents a high value target for today’s advanced denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. With DDoS attack remediation averaging $500,000, organizations need fast, simple and effective protection that can scale to block the largest, and most advanced, attacks. Managed DDoS Protection allows organizations to defend their web presence, preserve sales revenue and safeguard their company and reputation. DDoS attacks are increasing as attackers all over the world adopt this weapon. A 2016 Data Breach Investigations Report found that DDoS incidents had doubled from 2013 to 2014 and cyber criminals try out new attacks all the time.

Driving this surge in DDoS attacks are both hacktivists and attackers for hire. They can threaten virtually any organization at any time by blasting servers with tons of data to overload and bring systems crashing down. Cyber criminals take aim with their botnets of malware-infected computers to wreak havoc – no matter your company’s size, location or industry. But we can help bolster your defenses. Our security experts have years of DDoS protection experience, and we’re ready to help you mitigate DDoS attacks and protect your business from the damaging effects. If your web presence is taken down by a distributed denial-of-service (DDoS) attack, up time isn’t the only thing you’ll lose. Customers and revenue may be lost too. But we can help you stop DDoS attacks in their tracks by putting up strong defenses. With our DDoS protection services, you’ll have better peace of mind knowing your internet and other web-connected systems are protected from the latest DDoS attacks.

DDOS ATTACK MITIGATION AND REMEDIATION

There’s typically no warning, so every second counts. When cyber criminals send a DDoS attack to flood your servers and turn your business upside down, you have to be ready to fight back at a moment’s notice. You need fast DDoS threat detection to identify the attack and prevent it from taking down your web presence and your business. With DDoS Shield – a high-capacity, cloud-based DDoS protection service – you can quickly reroute DDoS traffic and keep your IT resources readily available.

DDoS protection appliances can identify and handle large amounts of traffic trying to harm your business. Then it can quickly scale to control even large DDoS attacks no matter which carrier or internet service provider you use. And it handles attacks against most internet-connected services – web, e-mail, File Transfer Protocol (FTP) and more. DDoS Shield can be customized to align with your risk management policies. You can use your existing hardware to maintain routing control of your IP traffic. And if your own DDoS mitigation services get overwhelmed, you can easily send your traffic to DDoS the DDoS protection appliance.

CYBERCRIME

Modern cybercrime is a world-wide epidemic and the shortage of trained security professionals is at an all–time high; partnering with an MSSP has become a security best practice for organizations that want to protect themselves from the latest threats and attacks. Choosing the right managed security services provider is critical. Our DDoS assessment services will help you with evaluating and choosing the right DDoS network security strategy to extend your security team, protect your organization, and help optimize your security resources. We review key areas that need to be considered when making critical decisions about specific security solutions that are must-haves for today’s advanced threat environment.

FEATURES AND BENEFITS

Managed DDoS Protection Services is a fully managed security service to help organizations respond to the threat of DoS and DDoS attacks. The service staff augments adaptive rate controls to perform real–time analysis of ongoing attacks, tune existing rules and create custom rules as required, and adapt to changing attack vectors and multi-dimensional threats. Managed DDoS Protection Services provides organizations with dynamic protection against a broad range of potential DoS and DDoS attack types, regardless of size and complexity, and even as they change over the course of an attack. Managed DDoS Protection Services provides automated DoS and DDoS protection that complements the Web Application Firewall solutions to offer comprehensive protection of an organization’s web assets. Managed DDoS Protection Security Services provides organizations with a simple and effective solution to mitigate the growing threat of DoS and DDoS attacks.

We will have real-time visibility into security events and the ability to drill down into attack alerts to learn what’s being attacked, by whom what defense capabilities triggered the attack declaration, and what specifically in the requests triggered site defenses. Combining a highly-scalable infrastructure with in-depth, 24×7 Security Operations Centers, Managed DDoS Protection Services are able to defend against the largest and most sophisticated attacks. The high capacity and resiliency of the Managed DDoS Protection services stops even the largest network – and application – layer DDoS attacks before they reach your applications. Managed DDoS Protection service provides advanced attack detection to quickly identify brute-force volumetric attacks or more refined methods to keep your business operating. Managed DDoS Protection service will:

Attacks Response – Maintain site availability during attacks with the scale to deflect/absorb the largest DoS and DDoS attacks.

Cost Reduction – Reduce costs associated with DoS and DDoS protection by leveraging globally distributed cloud security platform.

DoS And DDoS Attack Protection – DDoS Protection service provides organizations with dynamic protection against a broad range of potential DoS and DDoS attack types, regardless of size and complexity, and even as they change over the course of an attack.

DoS And DDoS Attack Support – DDoS Protection service is a fully managed security service to help organizations respond to the threat of DoS and DDoS attacks. The service staff augments adaptive rate controls to perform real-time analysis of ongoing attacks, tune existing rules and create custom rules as required, and adapt to changing attack vectors and multi-dimensional threats.

Rate Controls – Automatically protect applications against application-layer DoS and DDoS and other volumetric attacks by monitoring and controlling the rate of requests against them. Behavior-based rules respond to bursts of requests in seconds, selectively alert/block attackers based on IP address and other parameters, and mitigate slow POST attacks.

Reduce Risk – Reduce business risk with fast and effective mitigation of DoS and DDoS attacks, backed by industry-leading SLAs.

Security Monitoring – Real time visibility into security events and the ability to drill down into attack alerts to learn what’s being attacked, by whom what defense capabilities triggered the attack declaration, and what specifically in the requests triggered site defenses.

Managed Security SIEM

AHamson can provide you with enhanced security and compliance through our managed log management, Security Incident and Event Management (SIEM) as a Service. We can design,supply, implement, tune, monitor and manage SIEM as a service, providing you with significantly enhanced protection, enabling compliance, without the costs, skills and resource overheads of your own turn-key solution.

Traditional security solutions are no longer adequate on their own to address the new range of risks and threats posed to your Information Services. Use our SIEM services to bring event, threat, and risk data together to provide strong security intelligence, rapid incident response, seamless log management, and extensible compliance reporting

Use our SIEM service to:

  • Design, supply and implement an industry leading Log Management and SIEM solution to protect important or at risk information assets.
  • Configure SIEM log capture, correlation, analysis, monitoring, reporting and threat response in accordance with your policy, best practices and compliance obligations
  • Provide ongoing SIEM tuning, maintenance and change control.
  • Provide regular incident, alerts, audit and usage reports
  • Optionally supply value added services such as incident response and mitigation services to alerts, events and incidents raised by the SIEM.
  • Provide support and maintenance services on the SIEM platform to ensure optimal and continuous operation and performance.
  • Help achieve compliance for your log management, archive, regular log file review and event management policy requirements.
  • Securely capture your log file information, vault it, manage it and have it available for analysis and forensic investigation if required.
  • Correlate risk, threat and event information to provide meaningful prioritised security intelligence for appropriate and timely mitigation and actions.
  • Provide meaningful compliance audit and reporting of security on your networks and information systems.

Access near real time global threat intelligence data from globally deployed sensors to have minimise the impact of new threats and zero day attacks

Security Information & Event Management Solutions

Use our SIEM solutions and services to bring event, threat, and risk data together to provide strong security intelligence, rapid incident response, seamless log management, and extensible compliance reporting.

AHamson Solutions help organisations bring together the information from all of their Information Security infrastructure in order to securely store and analyse what is happening on your networks and Information Systems. This allows you to determine whether you are at risk, are under attack or have suffered a security event. It allows you to react appropriately to prioritised information in a timely manner. It also allows you to securely retain key event and log information for subsequent forensic investigation. Finally it allows to provide detailed reports and demonstrate compliance with relevant industry, best practice, regulatory and legal frameworks.

  • Help achieve compliance for your log management, archive, regular log file review and event management policy requirements.
  • Securely capture your log file information, vault it, manage it and have it available for analysis and forensic investigation if required.
  • Correlate risk, threat and event information to provide meaningful prioritised security intelligence for appropriate and timely mitigation and actions.
  • Provide meaningful compliance audit and reporting of security on your networks and information systems.
  • Access near real time global threat intelligence data from globally deployed sensors to have minimise the impact of new threats and zero day attacks.

Managed Perimeter

AHamson can provide you with a rich set of multi-layered perimeter security solutions as a service to protect you from all of the external and internal threats passing through your perimeter on your corporate networks and in the cloud. We can design, supply, implement, tune, monitor and manage a complete secure perimeter as a Service, or individual elements of a secure perimeter, providing you with significantly enhanced protection, enabling compliance, without the costs, skills and resource overheads of your own turn-key solution.

Traditional network perimeters definitions no longer apply. Traditional security solutions are no longer adequate on their own to address the new perimeters or the new range of risks and threats posed to your Information Services. AHamson Solutions has been working in this new environment for significant period of time and can supply and implement the most comprehensive and effective solutions individually or collectively as a service to help secure your perimeters.

Use our secure perimeter as a service to:

  • Design, supply and implement an industry leading perimeter security solution to protect important or at risk information assets, including:
    • traditional and next generation firewalls.
    • web content security solutions.
    • secure email gateway solutions including anti spam, anti malware, email Data Loss Prevention (DLP), Identity Based Encryption (IBE).
    • Universal Threat Management (UTM) solutions.
    • Network Access Control (NAC) solutions.
    • Remote access solutions.
    • Strong authentication and federation solutions.
    • Network and perimeter based Data Loss Prevention (DLP) solutions.
    • Proactive and reactive security monitoring and management solutions, such as vulnerability management/scanning, Network Intrusion Prevention/Detection Systems.
    • Design, supply and implement Distributed Denial of Service (DDoS) solutions.
    • Design, supply and implement load balancing solutions, caching and DNS solutions.
  • Configure perimeter security solutions in accordance with your policy, best practices and compliance obligations.
  • Provide ongoing tuning, maintenance and change control of your perimeter security solutions.
  • Provide regular incident, alerts, audit and usage reports.
  • Optionally supply value added services such as incident response and mitigation services to alerts, events and incidents on your perimter security solutions.
  • Provide support and maintenance services on the perimeter security platform to ensure optimal and continuous operation and performance.
  • Help achieve compliance for your Information Security policy requirements.
  • Access near real time global threat intelligence data from globally deployed sensors to have minimise the impact of new threats and zero day attacks.

END POINT & DATA PROTECTION

Let us help you secure and manage all of your endpoint devices (corporate and BYOD) from all of the risks they face and pose to your business Your range of endpoint devices are increasingly diverse – ranging from laptops, desktops an servers, to smartphones, tablets and embedded devices. The threats they face and the risks that compromise of an endpoint poses to your network are also diverse ranging from injection of virus & malware to sources of data loss as well as points of compromise from which to launch further internal and external attacks. The definition of ownership of the endpoint on corporate networks or consuming corporate services has also become blurred with the advent of bring your own device (BYOD).

  • Secure all endpoints from the traditional malware and virus threats.
  • Secure all endpoints from data loss or data leakage prevention (DLP) scenarios.
  • Secure all endpoints from vulnerabilities exploitation and compromise.
  • Enforce specified Information Security policies on your endpoints.
  • Enable , if desired complex guest, BYOD and other usage scenarios compliant with your specified policies and procedures.
  • Enforce Network Access Control (NAC)/remediation on your endpoints compliant with your specified policies and procedures.
  • Enforce change management controls on your endpoints.
  • Enable and enforce secure remote access for endpoints and users.
  • Deploy sophisticated endpoint security management, monitoring and reporting solutions to ensure effective deployment and use of solutions. Perform periodic audit, review and testing of endpoint security in isolation or as part of a more comprehensive security audit or review.

Intrusion Prevention

AHamson can provide you with industry leading, proactive threat prevention and management solutions to protect you from all of the external and internal threats on your corporate networks and in the cloud. We can design,supply, implement, tune, monitor and manage the IPS as a service, providing you with significantly enhanced protection, enabling compliance, without the costs, skills and resource overheads of your own turn-key solution.

Traditional security solutions are no longer adequate on their own to address the new range of risks and threats posed to your Information Services and networks on their own. AHamson Solutions has been working in this new environment for significant period of time and can supply and implement the most comprehensive and effective solutions to help secure your networks, systems and applications.

Use our managed IPS service to:

  • Design, supply and implement an industry leading IPS solution to protect important or at risk information assets.
  • Configure IPS monitoring, reporting and threat response in accordance with your policy, best practices and compliance obligations.
  • Provide ongoing tuning, maintenance and change control on your IPS.
  • Provide regular incident, alerts, audit and usage reports.
  • Optionally supply value added services such as incident response and mitigation services to alerts, events and incidents raised by the IPS.

Provide support and maintenance services on the IPS platform to ensure optimal and continuous operation and performance.