Managed Intrusion Prevention and Detection
Preventive Control: IPS
infotex uses an automated Intrusion Prevention Service that responds to predictable attacks within seconds. We get our signatures from Emerging Threats Pro, which reportably catches double the amount of malware, 20% more “exploits”, and about 10% more in all other categories… all while performing better. There’s only one problem with all this. The notion that security can be automated is a myth!
Detective Control: IDS
Sure, you can automate some of the processes in information security, but without Human Beings monitoring these processes, the result is a false sense of security. We’re here 24x7x365, watching your network and RESPONDING to threats. If something out of the ordinary happens, our Security Analysts are here in real time to investigate and respond. For detection, we use thousands of signatures as well as protocol and anomaly analysis. infotex also adds customized signatures to detect the issues and activities that you are most concerned about.
Yes, we have all the fancy charts and graphs and reports. And, as a Managed Services client, you are welcome to learn our interface and download all kinds of great information and statistics about your network. But, with our managed services, human beings monitor your network. Rather than making you “pull” information from the system, human beings decipher the information and push it to you. You only see what you need to see, when you need to see it. infotex Security Analysts decipher the graphs and charts, review the data collected in your database, and create reports with varying levels of detail to share with your Incident Response Team.
Managed Security Service Provider
We customize our approach to your unique needs, not only in our reporting and response “decision tree,” but also in how we connect to your network. Our Intrusion Prevention Service can be in-line, utilize Dynamic ACL updating, or leverage a LAN Bypass function so that the sensor is not a single point of failure.
Working one-on-one with you, infotex will develop layers of protection to fit well into your existing security management process, leveraging a suite of services.
Our Decision Tree is a matrix listing all the predictable security incidents and your customized instructions as to the appropriate response. This includes a “first choice” to a “last resort” response. The result is that you will comply with Section 314.4(b)(3) of the FTC Standards for safeguarding customer information; final rule (16cfr, part 314). This ruling is a result of the GLBA that requires you to have a system in place for detecting, preventing and responding to attacks, intrusions or other system failures.
When you engage with us, infotex will help you create a calling tree . . . . very similar to what you’re already using in your Disaster Recovery Plan, only in this case it’s focused on Network Incidents. You will use the calling tree to direct us on how to respond to various types of incidents. It can get as granular as you wish.
The calling tree, by the way, is just one part of your overall Incident Response Program, which infotex will help you write, as we will become part of your Incident Response Team. Other documents related to what we do include your data retention policies, asset management procedures, access management procedures, and change management procedures.
Speaking of change management, infotex will scan a range of IP addresses on a monthly basis, reporting the ports that have changed since the last scan. Not only is this a great security tool, but it is an excellent change management tool as well.
Analysts will be communicating with you regularly and thus we will show you how to send e-mail down a V-tun as well as setting up a secure chat infrastructure if you wish to use it. Beyond that, infotex also provides a secure portal for file transfer purposes, and many of our clients use this to store passwords, disaster recovery plans, and other documents that require secure, off-site storage.