Why is Managed Firewall Protection a good investment
The foundation of protection against cyber threats in every organization, regardless of its size or nature, is the firewall system. It is frequently supplemented with extra functionalities – IPS, AV, URL filtering. Traditional firewalls are based on a multi-level analysis of traffic. They first use a traditional application detection model based on the TCP/UDP port. This causes leak-resistance problems in the system protecting the network contact point. Running additional application monitoring modules in traditional solutions radically reduces the system capacity. On the other hand, allowing all the applications using a specific set of ports to access the internet is something not to be accepted. This represents a direct threat to the company and its internal security rules.
It is important to preserve balance between completely blocking the system and utterly free but secure access. Thus it is worthwhile to apply more detailed, secure criteria for using the applications. What needs to be considered is the elements that are important from the company’s perspective – namely, identity of applications, identity of people using the applications or content provided by those applications.
Such an approach is inevitable. Applications use various ports, they successfully skip firewalls and carry threats with them. They more and more often use encryption and open doors to corporate espionage. The list of challenges a contemporary firewall must face includes also the users, who in their work use multiple devices, in different locations, with dynamic IP addresses.
Exatel Managed Firewall Service
Managed Firewall is a complete and state-of-the-art protection of the customer’s IT resources. The service may comprise the following functionalities:
- intrusion inspection (IPS/IDS)
- antivirus, antimalware
- private virtual network for remote connections with mother company (IPSEC VPN/SSL VPN)
- URL filtering
- application control
- SSL traffic inspection
- data leak prevention (DLP).
The service has been built with the use of technology of Palo Alto Networks – a leader and pioneer of new generation firewalling. A security policy following this technology is based on network traffic detection and control. It uses identification of applications, users and transmitted content. Security solutions used so far were based on identification of IP addresses, ports or network services.
The Managed Firewall service allows the customer to activate various security functions to ensure protection of their IT resources. For each user we may set up a unique security profile containing functionalities that are independently configurable. Such a configuration approach lets the customer apply very precise, strictly individualized security policies, different for each user.
The Managed Firewall service offers the customer the possibility to view and control, in real time, how specific users work with the application. In this way the customer is able to precisely analyze the transmitted content or visited websites. This means the administrators can easily and quickly identify potential threats.
How the solution works
The service is delivered in two models:
- Using efficient and redundant central unit located in Exatel Data Center.
- Based on a platform designed for the customer and deployed in a location of their choice.
How the solution works – central firewall model
How the solution works – local firewall model
Scope of the service
- configuration, activation and maintenance of the service,
- active 24/7/365 monitoring of security of customer’s IT resources,
- online reports,
- full support provided by experts throughout the entire cooperation cycle, including the pre-sales stage. The support includes an analysis of the existing infrastructure, customer’s needs and preparation of a functional solution,
- Service Level Agreement (SLA),
- one contact point – 24/7/365 Customer Service Line.
Benefits of the service
- comprehensive and professional protection of the customer’s IT infrastructure against various cyber threats,
- configuration customized to customer requirements – various service models available,
- free-of-charge reports on threats available at a website
- security always up to date as the signatures are updated on a daily basis;
- no capital investments on the customer’s part,
- monitoring of applications used and websites visited by the employees,
- simple and attractive pricing model,
- service available on lines provided by different operators.