The number of security incidents continues to rise—ransomware* being the latest threat—organizations face countless challenges in securing their networks, servers, applications and critical data. Computer security is a never-ending game of cat-and-mouse, the dynamic threat arena and complex, fragmented security solutions call for a new security model. Enterprises need a simpler, scalable, threat-centric approach that provides visibility and control of threats before, during, and after they occur.
For organizations who need to review their existing information security defenses, NFF offers a comprehensive Security Architecture Consultation service. This “High touch” engagement assesses the capabilities and requirements throughout the network, and provides a single view of what is needed to build an end-to-end security architecture to meet organizational goals.
NFF also offers a Network Threat Assessment. This is a network traffic capture for over 2 weeks. At the conclusion of this capture, NFF analyzes and creates a report of all application traffic, intrusions, transferred malware, and other suspicious traffic types (botnets, C2, phishing, ransomware etc.) that occurred over this time frame. This report provides actionable intelligence as well as a clear understanding of the value of NFF’s security defense solutions.
NFF answers the modern security threat landscape through the following solution areas:
Security Threat Defenses – Systems to defend end users against modern security threats across your network, while off your network, and on the end user endpoints themselves. This includes:
- Next-Generation Firewalls (NGFW) provide application visibility and control on top of existing address/port control features found in standard firewalls today.
- Intrusion Detection/Prevention (IDS/IPS) scans traffic on the network and analyzes it to find any traffic patterns that match known attack vectors.
- Web Security enforces a set of policies that prevent systems from compromise by preventing communications with known malicious, or otherwise untrusted, websites.
- Advanced Malware Protection provides visibility and control of the software transferred on the network or running on endpoints, preventing known malware and continuously analyzing and recording actions of other yet-unknown files.
- DNS-Based Visibility and Control gives organizations another layer of protection for their end-users through intelligence in DNS name resolution, on or off the network.
- Unified Threat Managers (UTM) provide a streamlined, single-box solution for smaller IT organizations to deliver many of security threat defenses above.
Security Data Analytics – Analyze security intelligence data to easily investigate incidents, find advanced persistent threats, and efficiently meet compliance controls.
- Splunk Enterprise and SIEM provide big data analytics for the entire organization’s machine-generated security data, correlating and reporting across vendors, platforms, and placement.
- Network-as-a-Sensor gathers summary data of all network transactions to look for anomalies in the traffic patterns that could be caused by APTs and to assist in investigating incidents.
- DNS Intelligence provides the necessary investigative tools for pivoting through domain resolution information to view real-time contextual DNS information of other ongoing attacks.
Trusted Identity Services – Confidently identify both the users and endpoints on your network and use this information to centrally enforce data access policies on the network.
- Network Access Control ensures that wireless, wired, and remote networks allow their users and devices only the connectivity required.
- Guest Lifecycle Management provides options for network connectivity to guest users through self-service and sponsored access mechanisms.
- Mobile Device Management fills the gap left by traditional device management to ensure organizational security policies are enforced on devices that access protected data.
Content Filtering – Enforce policy requirements and enhance safeguards through screening content types of email and web traffic
- Web Content Security provides outbound web proxy features with use of advanced security protection, acceptable use enforcement, and robust reporting delivered via on-premises and/or cloud deployments.
- Email Security couples traditional anti-SPAM features with using the latest security intelligence to block malicious attachments and hyperlinks within emails.
Click here to learn more about addressing the security needs of today’s higher education network environments with OpenDNS.
* Schedule a Network Threat Consultation here.