A network threat detection service must provide continuous monitoring in order to detect threats that bypass the preventive security controls. The types of attacks seen today can appear very advanced, but they are often easily identified by monitoring the network traffic.
We offer the following deliverables within this service:
When things get complicated, we will support you and provide direct access to vendor support.
The hotline is available via email, phone and the customer portal. Response time is defined by the SLA you attach to the agreement:
Analysis & Design
Years of experience reviewing existing infrastructures and providing an optimized network design.
Implement & Configure
If you buy the solution, we can do more than a simple Rack & Stack. We will support you throughout the deployment and deliver a detailed set of system documentation.
Deployments are always performed by combining best practices from the vendor with our own experience.
Typically we can estimate deployments beforehand and deliver them using fixed pricing. We have the following deployment options available:
Secu Network Threat Detection
A fully hosted and managed threat detection service utilizing Tenable SecurityCenter, Tenable Network Monitor and LCE.
Requires a virtual system on-premise and a site-to-site VPN connection.
On-Premise Network Threat Detection
RSA Netwitness for Logs & Packets
RSA Netwitness for Packets differentiates itself by performing full packet capture and is unique for incident response and threat detection.
Tenable Network Monitor identifies vulnerabilities and compromised systems. It has no packet capture capabilities.
All solutions can be combined with the Symantec (Blue Coat) SSL Visibility appliance to obtain visibility into encrypted sessions.
Fortinet’s flagship FortiGate security appliances deliver ASIC-accelerated performance and integrate multiple layers of security designed to help protect against application and network threats. Fortinet’s broad product line of complementary solutions goes beyond UTM to help secure the extended enterprise – from endpoints, to the perimeter and the core, including databases and applications.