Security Management
NEXTGEN Security Management services respond to the growing demand for flexible risk management and security policy enforcement. Delivered from NEXTGEN’s Security Operations Center (SOC), Nextgen 6000 Security Management services are available in a range of subscription-based offerings, from firewall device management to intrusion detection services and comprehensive NEXTGEN Security Information Management (SIM) services that give enterprises a holistic view of their security posture in a centralized management dashboard, including detailed evaluation and detection of security threats across a disparate network infrastructure.
We understand that an enterprise’s need for out-tasked security services varies according to several considerations including:
- The sensitivity of its corporate data
- The enterprise’s threat and vulnerability profile
- The internal manageability of its security policy
NEXTGEN Security Services offer flexibility of choice to best align NEXTGEN’s out-tasked expertise with the customer’s in-house capabilities and resources.
NEXTGEN Security Service Value Tiering
Drivers
The primary driver of “holistic” security information management is the failure of intrusion detection systems (IDSs) to separate real threats from the background noise of ineffective probes, false alarms and normal system changes.
Other key drivers are summarized below:
Failure of IDSs
The inability of IDSs to minimize false alarms has created a need for automation that can collect, normalize, correlate, aggregate and assess the overwhelming number of alerts generated throughout the IT security infrastructure.
The High Profile of IT Security
There is increased awareness of, and concern about, security vulnerabilities. Well-publicized software viruses, denial-of-service attacks, and a continual stream of newly discovered system and application vulnerabilities have increased the general awareness of security exposures.
Liability and Audit Concerns
Enterprises have liability concerns about the privacy of their data, as well as their capability to demonstrate proof, via audit, of their compliance with regulatory strictures.
IT Operations Silos
The IT organization continues to spread security responsibility across operational “silos”, including network support, systems administration, e-mail administration and IT operations. This leads to the need for centralized management to summarize and consolidate security data for threat analysis, and the compilation of vulnerability and compliance data to satisfy audit requirements.
The Financial Impact of Security Incidents
The impact of security attacks is considerable, negative and direct, and can include the following:
- Loss of employee productivity
- Damage to corporate reputation
- Cost of associated downtime
- Losses from security breaches
WHY NEXTGEN?
Full MSP Offering
When combined with NEXTGEN’s network, server and IP telephony management services, our comprehensive suite of security management services provides a holistic view into the performance, health and security of the entire IT infrastructure.
Service Integration
NEXTGEN provides integration of OSS, service delivery and service management as well as integration of analysis and reporting across all components of a customer’s IT infrastructure including WAN, LAN, security, servers and IP telephony.
Process Automation
NEXTGEN’s Security Operations Center (SOC) is staffed with network, systems and security experts who monitor and protect the customer’s security infrastructure on a 24x7 basis. ISO 9002 processes and procedures ensure rapid response to, and resolution of, security incidents.
webCenter™
Our interactive customer portal provides the customer with a real-time view of their security posture from a centralized dashboard.
Rapid Deployment and Low Predictable Cost
Customers can acquire a fully operational out-tasked managed security solution that complements internal IT security resources for an affordable and predictable monthly fee. NEXTGEN’s New Customer Introduction (NCI) process ensures the rapid implementation of the solution.
Operations Efficiency
NEXTGEN Metrics of Excellence
- Automated problem detection and ticket generation – less than 2% of tickets are generated by customer phone calls
- Mean Time to Action (MTTA) less than 2 minutes across all customers under management
- Mean Time to Repair (MTTR) less than 60 minutes for all network and security events across all severity levels
- 82% of problems resolved without dispatch
- 41% reduction in average failures per device
Accelerated ROI
NEXTGEN’s Metrics of Excellence contribute directly to an accelerated ROI through:
- Minimized impact of security incidents
- Maximum availability of the IT infrastructure and e-business applications that depend on it
- Capital cost avoidance and reduction in IT spending, including operational and physical maintenance
Security Feature Set
Service feature set

| Component | Group | Description | | | | | | | |
|---|---|---|---|---|---|---|---|---|---|
| Monitoring | Device | Hardware and interface availability failures | • | • | • | • | • | • | • |
| | | Performance and threshold conditions | • | • | • | • | • | • | • |
| | Security | Security events and alarms | | | | • | • | • | • |
| | | Suspicious activity | | | | • | • | • | • |
| Performance | Device | Hardware and interface performance | | • | • | • | • | • | • |
| | | Trends and capacity | | • | • | • | • | • | • |
| | Security | Summary: Top 10 by IP Address/Violations | | | | • | • | • | • |
| | | Correlation: Suspicious Activity | | | | • | • | • | • |
| Problem | Device | Own problems from detection through to resolution | | • | • | | • | • | • |
| | | Implement notification and escalation procedure | | • | • | | | • | • |
| | Security | Incident Response | | | | | • | • | • |
| | | In & out of context changes | | | | | | | • |
| Configuration | Device | Maintain a database of asset inventory | | • | | • | • | • | • |
| | | Backup firewall configurations | | • | | • | | • | • |
| | Security | Configuration history of rule, policy and technical changes | | • | | • | | • | • |
| | | Recommended upgrades, patches and configuration changes | | | | • | | | • |
| Change | Device | Operating system updates, patches, and signature installs | | • | | • | | • | • |
| | | Operating system upgrades | | | | • | | | • |
| | Security | Implement pre-designed technical changes | | • | | • | | • | • |
| | | Design rules, policy, signature tuning & technical changes | | | | • | | | • |
This table provides a helpful high-level snapshot of service features by category and by specific service offering. The summary feature descriptions are organized according to the core service components delivered from NEXTGEN’s Security Operations Center (SOC), namely:
- Monitoring - 24x7 remote monitoring services for all security devices including a variety of reactive, active and proactive features.
- Performance - Continuous acquisition of security device element performance data, statistical analysis and generation of detailed, aggregated, and custom reports on the behaviour of security devices.
- Problem - Assumes end-to-end responsibility for detection, reporting, isolation and resolution of problems or faults. Integrated monitoring and reporting systems ensure rapid, accurate execution at all phases.
- Configuration - Maintains a database of security device configuration and interconnection specifics.
- Change - Controls and coordinates ongoing changes in security device configuration, recording all changes using detailed Change Management tickets.
NEXTGEN IT OUT-TASKING SERVICES
NEXTGEN delivers 24x7 remote management, or IT operations out-tasking, of the following components of enterprise IT infrastructures:
Nextgen 5000 Network Management
Includes WAN, LAN, VPN, VLAN, wireless and optical networks.
Nextgen 6000 Security Management
Includes monitoring and performance of firewalls, network IDS, host IDS, VPN, security information management, and incident response.
Nextgen 7000 Server Management
Includes UNIX, Windows/Intel and Novell platforms.
Nextgen 8000 Application Management
Includes Cisco based IP telephony Call Managers, Unity Servers, and related infrastructure.
ABOUT NUVO webCenter™
NUVO webCenter™ is a secure, real-time web interface that allows the customer to:
- Access comprehensive daily, weekly, monthly and historical performance reports
- Obtain inventory information including device and operating configurations (where possible)
- Request detailed problem ticket information related to Security failures and outages and obtain a variety of summary reports for all activities related to the resolution of Security problems
- Monitor key high-level parameters against service level targets to facilitate the management of all service providers and to ensure that the Security environment is operating within pre-established performance objectives
* The NUVO logo is a registered trademark of NUVO Network Management, Inc. All other registered trademarks and service marks are the property of their respective owners. These service descriptions are based on service levels at the time of printing and are subject to change without notice. Service delivery may be limited by capabilities and configuration of the customer technology. © NUVO Network Management, Inc. 2004.