Today’s world is dependent on technologies and information
Do you have them secured?
The IT security is a never-ending process.
Management of security events provides a control over the safety incidents which occurred during the operation of information and communications technologies. It is provided by:
Intrusion detection, which traces suspicious activities executed by users. By analyzing these activities it is possible to detect whether there is a violation of systems security and to react adequately to these threats. Saving all activities enables creating reports for a certain period of time and assessing the behaviour of the system, network, users, applications and other sources to be found in the information system.
Antivirus protection, which allows preventing the virus attacks by regular and continuous checks of data for the viruses detection.
The objective of the solution is to implement the corporate security policy and secure the required protection of corporate information assets and sensitive data. At the same time, it means the prevention of::
- Leakage of sensitive financial data of strategic character as a result of a hacker intrusion, computer infiltration or leakage of sensitive information from the inside of the company,
- Delay in production, logistics and business as a result of the unpreparedness for the intentionally caused IS fallouts,
- Unauthorized release of sensitive company data and many other.
Protection of the organization against the external threats by means of a firewall is a basic security mechanism the implementation of which today is a must in the organization. Along with the development of the internet, new security threats are coming, against which the organizations must protect themselves. This is associated with the evolution and systematic improvement of firewall solutions.
The contribution of these solutions is the protection of the network mainly when browsing the web pages and transferring files:
- Filtering of inappropriate content,
- Limiting of operation not related to the company’s activities,
- Secure connection to the company network from any place in the world.
Solution of prevention and intrusion detection
The IDS tools (Intrusion Detection Systems) are dedicated mainly for a detection of an intrusion and malware intrusion into the organization’s network, while their more recent generation is the IPS (Intrusion Prevention Systems), working as a proactive network protection, which means preventive protection against any intrusions. Such devices are being applied behind the organizations’ firewalls, where they represent further level of protection against the external threats and also in the form of agents directly to the protected server or desktop. Such active sensors are usually controlled and monitored by the central management which is able to collect and analyze the information from the sensors and other elements of IT infrastructure.
The most important feature of the solution is the ability to stop the majority of destructive attacks at the junction points between the two networks, disregarding the fact whether it is the classic network, wireless network, extranet of the partner or a branch.
Remote access solution (VPN)
Today it is necessary to communicate by means of remote access to the own data and internal sources of the organization. The VPN standards (IPSec, PPTP and L2TP) allow secure communication between the networks and clients. Our solutions allow the companies to use the internet as a public infrastructure and use specialized protocols for the private communication.
Secure e-mail solution, content analysis and anti-spam
Complex securing of electronic mail against the threats from external environment.
- Maintaining the rules of quarantine and content archiving,
- Full control at the required performance,
- Regular update of methods for recognizing the spam and most recent threats in order to secure the highest possible protection of your network,
- Secure connection to company’s network from any place on the earth,
- Segmentation of the network into the groups and assignment of different rights to access.
Complex solution of modern wireless networks
The model solution also comprises a design of a complete replacement of fixed networks, including the implementation of security features for wireless networks (wifi IDS), with the possibility of an access of mobile devices into these networks.
- User friendly unlimited access to the network,
- High mobility,
- Highly secure and fast transfer of data according to the assigned privileges dependent on type and status of the mobile device and on the access point to wireless network.
Monitoring for a detection of security events
It is a solution for basic detection measures which allows monitoring of what is going on in your network. At the same time, it helps to efficiently detect the security incidents. It is also a measure required by Annex A, standard ISO/IEC 27001:2005. From the viewpoint of a certification, the efficient process of monitoring and managing the security events is a must.
As a part of a systematic approach it is also necessary to assess the incidents and events from different security systems:
- Design and implementation of Security Incident and Event Management (SIEM) solutions,
- Design of operational procedures,
- Assessment of security events, filtering optimisation,
- Support of the SIEM solutions operation.
Network security and management of the security events represent only some of the requirements of information security which is solved comprehensively in the area of a real IT operation, not only from the technological but also from the procedural point of view. As a partner for the IT infrastructure, we understand these requirements through our trained and certified specialists.