Technologies & Solutions
Security technologies in today's world change very fast. For every security problem that exists, there can be multiple competing solutions, each with different capabilities, use cases and protection benefits, some of which you may not need. Based on two decades of product and implementation experience, Network Vigilance will guide you through a process that helps you identify which products and solutions are right for your organization.
Solutions are designed to address computing requirements specific to your individual organization, compliance requirements, risk considerations, and business requirements. We take into consideration the currently deployed security technologies, controls, and counter-measures that may already be in place and help determine whether existing solutions can be upgraded, redeployed, better operated or managed to improve ROI and extend the life of prior investments. Where indicated, we can propose new solutions and technology to replace, update, or integrate with the current environment to achieve your business, compliance and risk management goals.
Solution components that we propose can be selected individually or blended together with multiple technologies selected from the following:
Encryption Solutions for Data-At-Rest and Data-In-Motion
Encryption solutions range from "data-at-rest" technologies, such as those for laptops, servers, databases, tape, USB drives, removable media, etc., to data "in transit" technologies such as VPN, SSL, Key Management, etc.
Intrusion Prevention & Intrusion Detection Systems (IPS/IDS)
IDS and IPS are crucial components in most security designs today. We take an in-depth approach to evaluating existing capabilities, sensor placement, protection of critical systems or functions, and mitigation of expected types of attacks as well as zero-day threats, and we determine how best to design technology around your requirements. This may include redeployment or reconfiguration of existing systems or the design and implementation of new technology.
Security Event Management (SEM/SEIM)
Whether you are designing your own SOC or you want to implement a more basic level of real-time event visibility into your network and security devices, we can guide you based on years of operational experience in security infrastructure management. We can provide you with a solution design built on commercial technologies that we've already worked with and that have a track record of accurately detecting and mitigating security threats in real time.
Web Application Firewall (WAF)
WAF technologies were developed in recent years to address the growing threats posed by security vulnerabilities in web applications. Network Vigilance has been at the forefront of designing and implementing technologies that protect against web-based exploits, coding vulnerabilities, and insecure deployments of business applications.
Firewall (Enterprise, Small/Branch Office, UTM)
Network Vigilance supports a variety of best-of-breed firewall technologies to help companies identify the right blend of security technologies within the firewall. Our "vendor-neutral" approach ensures that the best vendor for your firewall technology requirements is recommended. Firewall solutions include the following types of systems:
- Enterprise Firewall - Designed for large and medium enterprises, may or may not incorporate VPN users
- Home/Branch Office Firewall - Designed for small business, branch or home office. May consist of a firewall with multiple security capabilities.
- Unified Threat Management (UTM) Firewall - Multi-function firewall that combines other security functions such as IPS, Content Filtering, NAC, Application Control, Anti-spam, Anti-virus, SSL VPN, and other functionality into a single appliance.
Web Filtering & Proxy Solutions
There are multiple approaches to web content filtering and proxying today, and with competing and often confusing solutions, results vary widely. Potential approaches include cloud-based, premises-based, co-managed, hosted, self-managed, agent-based, SaaS-based, etc. We will help to identify which approach might be the most cost-effective and yet robust enough for your organization.
Anti-Spam & Anti-Virus
Although anti-spam and anti-virus technology today is a well-established and somewhat commoditized solution, it is still important to ensure that the solution remains effective and protects against the latest e-mail, web page, and attachment-based security threats. There is often a tremendous amount of management and administrative effort wasted on solutions that are too complex, not sophisticated enough, or even too cheap. We can help you to evaluate the effectiveness of existing solutions and recommend other approaches or technologies as appropriate.
Database Activity Monitoring (DAM) & Protection
Protecting and auditing databases has never been more important. The first step is to gain visibility into what is going on within the environment. This includes determining what kind of user and process access is occurring and ensuring that privileges are configured according to least privilege or according to company policy. The second step is to be able to monitor and potentially block unauthorized access or attempts to access, copy, or exfiltrate data outside of the network.
The following are areas within application security that can be addressed by Network Vigilance:
- Web Application Vulnerability Assessment - As part of a comprehensive security strategy, it's vital that web applications be assessed for coding vulnerabilities, application misconfigurations, and input validation. By utilizing a web application scan toolset or web application scan service, you can significantly reduce risk exposure to application specific threats and data exploitation.
- Application Code Review - Application code review using automated or semi-automated tools designed to look for logic errors, common coding vulnerabilities, or other programming errors that can result in exposure of sensitive data can be a useful exercise to undertake to protect your business.
Network Vulnerability Scanning
Vulnerability scans that are conducted on a frequent, scheduled basis are considered a security Best Practice in today's business and computing environment. Scans can be conducted on a one-time basis as part of a larger risk assessment or on a quarterly, monthly, weekly, or even daily basis. Scans should be conducted both externally and internally, and they play an integral part in the vulnerability management process for your organization.
Wireless Security & Intrusion Prevention
Assessment of the airspace and wireless environment, regardless of whether you provide wireless connectivity for your company, is a security Best Practice for every organization today. Understanding what your wireless risks are within existing wireless infrastructure, as well as on your client systems via wireless analysis, can help you understand what countermeasures to implement. Protections can include add-on security modules for existing wireless controllers, client protection software, or free-standing Wireless Intrusion Prevention Sensors (WIPS).
Endpoint security solutions are a vital part of every organization's security strategy. Our solutions can address how to secure remote, mobile, and internal desktop systems regardless of where the network perimeter exists. Both agent-based and non-agent-based approaches are supported. We take into consideration what products and solutions are currently in place and what results may or may not be currently realized.
Network Access Control (NAC)
Network Access Control is one of the most needed, but least understood technologies that organizations can benefit from today. NAC is a key component of an endpoint and remote access security
There are lots of confusing options and solutions for log collection, aggregation, normalization, and correlation in the marketplace today. Network Vigilance can help you find the right combination of products and/or services to help accomplish your organization's log management goals, whether the purpose is compliance, forensics, performance analysis, security event alerting or another objective.
File Integrity Monitoring (FIM)
File Integrity Monitoring (FIM) can be an essential part of your compliance and change management program and practices. FIM can provide you with instant notification and auditing of critical files, directories, databases, or user access for systems with confidential, compliance-related or other protected data. Solutions range from software to appliance to service-based offerings.
Policy & Compliance Analysis
Policy and compliance analysis tools for firewalls and routers can help you in 3 key areas: 1) improving security by preventing misconfigurations, 2) automating compliance with a continuous audit process, and 3) achieving operational efficiency in configuring, testing, and deploying changes. Network Vigilance can recommend a solution, whether a one-time evaluation or a toolset for on-going analysis.
Monitoring and managing change for security devices and ensuring that a structured process is followed for changes made to firewalls and routers will help every business improve its security posture and ensure that policy and process are followed for critical security assets. Solutions can extend beyond firewall and router change management and can include other systems where managing, tracking and approving change is an important IT process.
Data Leak Protection/Prevention (DLP)
Preventing confidential data from "leaking" out of the network, whether due to a data breach or an accidental user disclosure, is a concern for every business today. Solutions can range from enterprise to medium to small and can incorporate a minimal set of features and functionality or can be sophisticated, depending on what the business requirements are.
Remote Access & Mobile Device Security
Today users connect from a variety of locations, both public and private, including home offices, airports, restaurants, etc. Our solutions help to secure the remote and mobile workforce and help to protect against unauthorized access or potential intrusion and theft of confidential data. Solutions range from agent-based to non-agent-based technologies.
Distributed Denial of Service (DDOS) Attack Protection & Mitigation
There has been a resurgence of crippling attacks perpetrated through Distributed Denial of Service (DDOS) within the last year or so. Since so many systems are vulnerable to this type of security problem, Network Vigilance has been active in helping organizations design ways to combat these attacks, which include recommendations of technology, service offerings and methods for preventing, detecting, and mitigating the effects of DDOS.