Professional Services work alongside customers in the study, design and implementation phases of security solutions that are best suited to the reality in question.
Web application firewall
The WAF (Web Application Firewall) solution is a software or hardware tool that controls the web traffic directed to the applications to be protected in a completely transparent manner for the applications themselves and interprets the html traffic with the aim of detecting and possibly blocking actions that are not permitted or malevolent. This functionality enables the application protection rules to be defined in a specific and precise manner by analysing their normal use. The WAF also provides the ability to monitor the security level in real-time and to generate a series of reports, already configured but completely customizable, in order to certify compliance with certain standards or to allow analysis on the level of application protection (e.g. support in Application Vulnerability Assessment processes)
Log Management & Event correlation
These are solutions that allow log management and analysis of all types, such as those of Windows events, databases, applications and security systems. Logs are signed and validated to guarantee authenticity and integrity: a requirement for compliance with the law and legal value. The predefined sets of rules for compliance and reporting, simplify respecting compliance and execution of policies by the company. By correlating the information contained in the different logs, it is possible to analyse the various business contexts in a fast and thorough way to identify critical threats, act quickly and respond simply to compliance requirements. Continuous updating on global threats and business risks enables adaptive and autonomous risk management, making responses to threats and reporting for compliance issues available in minutes.
Hardware or software solutions that analyse database traffic in real time by detecting all the transactions in progress, the authors, the applications and the data in play. These solutions automate the database discovery, protection, monitoring and security management processes and do not require specialized knowledge of the database system, thus helping the IT team to achieve faster turnaround times. DAM systems offer solid protection and constant compliance without requiring architectural changes, expensive hardware and / or downtime
File server protection
Hardware or software systems that offer monitoring, tracking, real-time file protection and user rights management for files stored on servers and devices connected to the network. File server protection systems monitor every file access to verify who owns it, who is using file data and protects the confidential data by alerting and possibly blocking unauthorized access. These systems make it possible to speed up investigations through relevant reports and analyses, also controlling file access without compromising file server performance.
Advanced Threat Prevention
Systems capable of detecting zero-day malware not yet registered with an innovative multi-level approach. These systems bring together in real time the reputation of the objects analysed and in-depth analysis of the static code and dynamic analysis (sandboxing) to analyse the behaviour of executables (pdf, word, etc.). They represent the most effective protection available on the market against advanced malware that can effectively balance protection and performance needs. They can analyse network traffic, or specific email and web traffic, or even analyse end-user files (desktop, laptop or mobile) in order to detect evolved malware nested within commonly used carriers.
Today it is very easy to lose control of a confidential document that, without protection, can be printed, copied or forwarded to a competitor or to a press agency. Even employees can keep and use the documents in their possession even when they no longer collaborate with the employer. The Virtual Vault systems of data loss prevention that protect the confidentiality of information through using encryption, provide complete protection to prevent the improper use of confidential files by collaborators, suppliers and unauthorized users.
The ever-increasing demands for employee access to corporate networks via smartphones are creating a series of complex security problems for companies. They are indispensable tools for the business of a company because they help to increase the productivity of employees, guaranteeing easy access to networks.
If the devices are not adequately protected, it is easy to cause the loss or theft of important sensitive data, as well as legal and compliance problems.
Secure Group implements Mobile Security solutions that guarantee a high level of protection for mobile devices by ensuring authentication, confidentiality, integrity and availability of data in 24/7 mode including: antivirus software, personal firewall, antispam, loss or theft protection, control and monitoring of devices
Secure Single Sign On, Password Syncronization and Access Control
In multi-platform environments, where each user has different services available, it is imperative to avoid a user having to remember a large number of passwords. The existence of a unique password linked to the user allows ease of use for the user, making security transparent.
The solutions concern different services on different operating systems that host different applications, and interact with Legacy, Mainframes environments using email or news servers: Password synchronization, Secure Single Sign-On, Reduce Single Sign-On, Access Control.
The proposed solution is always compatible with the most common web servers on the market: Netscape Enterprise, FastTrack, Microsoft IIS, Apache; supports Application Server such as BEA WebLogic and Oracle. Through the use of APIs, other user applications are also integrated.
NAC – Network Access Control
Secure Group implements Network Access Control (NAC) solutions useful for controlling access to the network by various devices, including smartphones and other mobile devices.
The solutions enable you to:
- Have complete and continuous visibility of the devices on the network (even all mobile devices)
- Authenticate users silently
- Apply corporate policies (Antivirus / Personal Firewall)
- Block any unwanted applications or actions
- Automatically move users to different VLANs or isolate them (quarantine)
- Block unwanted USB devices
- Create a virtual firewall around each PDL / User
- Act as Anomaly Intrusion Prevention by intercepting unknown Viruses and Malware
- Do reporting.
Intrusion Detection System
The provision of Intrusion Detection solutions serves to have an exact confirmation of the validity and adequacy of its security systems implemented on networks, machines and applications:
– Traffic monitoring – Automatic reaction against an intrusion – Alarm management from Centralized Console – Integration with Firewall and active networking devices.
Defence and Operating System Hardening
The Hardening service defines various procedures for customizing hardware protection systems in order to reduce vulnerabilities to possible attacks. It considers all aspects of an IT system ranging from authentication, data integrity to protection at the level of the internal operating system. The last step in the hardening process of the system consists in ascertaining its conformity to those safety criteria that have represented the guidelines of all the previous configuration phases and to verify that it does not change over time and therefore remains in compliance with the corporate security policy.
- Realization of perimeter defence systems
- High Availability and Load Balancing solutions
- URL Screening, Antivirus, Content Analysis
- Bandwidth management
- RAS with strong authentication
The service provides the ability to perform the operation of copying the information and applications present on all the machines for which you wish to preserve the integrity of the data and to schedule a possible recovery from a single point remotely or on site.
In order to protect the organization from risks connected with interruptions of the business environment due to unforeseeable events that can cause loss of data, applications or vital information, it is important to activate a Disaster Recovery service that immediately manages the loss or destruction emergencies of these restoring the last preserved state.
- Analysis and study of AAA (Authentication, Authorization, and Accounting) issues and solutions related to access to resources and corporate network services
- Design of secure networks
- Installation and configuration of VPN-based solutions (IPsec, IKE, L2TP, PPTP)
- Configuration and functionality related to security on network devices (NAT, VPN, AAA, IOS Firewall)
- Advice on the introduction of secure, encrypted and authenticated connections both within the company network and from / to connections with external networks
- Troubleshooting on the use of RADIUS Server and TACACS +
VPN – Virtual Private Network
Secure Group implements the VPN design, installation and customization service which consists of setting up a strong encryption virtual channel in order to allow the connection of remote sites and users to the main network. VPNs allow you to take advantage of the low costs of normal dial-up services and Internet flexibility for the collection of mobile users and branch offices.
Business Continuity/Disaster Recovery Projects
Secure Group provides a consultancy service for the definition of a Business Continuity / Disaster Recovery project as follows
- Initial analysis of the Information System (Business Impact Analysis)
- Solution Design (architecture, sizing, security)
- Detailed specifications
- Business Continuity Plan (Contingency Plan)
- Cost evaluation
- Feasibility study / preparation Technical Specifications for tenders / calls for tender
- Consultancy in the analysis phase and choice of the reference Supplier / best choice
- Consultancy in the implementation phase of the identified Solution, Project Management
Data Loss Prevention
Secure group implements Data Loss Prevention (DLP) solutions useful for the management of company information in order to keep confidential information confidential against attempts at theft or incorrect use.
These solutions allow organizations to have control of sensitive data, to instruct users to correctly manage data and to comply with corporate compliance and rules.