Computrad Managed Security Service (CMSS)

Computrad’s CMSS offers a Network Security Protection managed service that uses a combination of a unique set of tools and techniques developed internally at Computrad to improve the reliability, performance and delivery of applications securely across an organizational network.

Introduction

Many organizations are opting to safeguard their data assets by outsourcing security protection on a managed service basis. Managed security services delivered by Computrad allow you to enjoy all the benefits of centrally managed security without the additional headache of implementing, maintaining, and updating security products and policies. Computrad want to assist you in understanding the critical issues as you begin to explore contracting for managed security services.

We will be looking at the following issues:

  • Factors influencing today’s organizations in outsourcing security
  • Types of services that are most cost-effectively performed by Computrad as an external provider
  • Provider selection criteria
  • Security planning, design and implementation considerations
  • Security technology

When evaluating outsourcing as an option, a common mistake is to view it as a lower cost alternative to performing the functions in-house. While overall cost-savings may be a driver, low-cost outsourcing can lead to low quality results. A better solution is an outsourcing arrangement that can transform your business functions and add value to your operations.

Security – Reality and Rhetoric

Security is now considered the most critical attribute of organizational networks. However, while organizations are concerned about security, the vast majority of them want to open up their networks still further to partners, customers and mobile workers. The need for an open network can create even more security vulnerabilities. Unless security policies and practices are put into place and monitored and managed at every level to assure that a network is well protected, executives are correct in thinking that security attacks may prove to be the toughest threat to the sustained development of a truly connected organization. For some executives, ensuring security and reliability while extending the company’s networks is viewed as just another IT expenditure. However, IT security investments should be considered essential by organizations that wish to efficiently and safely broaden access to their networks to meet operational needs. For these organizations, maximizing security and stakeholder access is becoming a critical success factor. Security spending itself is already changing focus. Organizations are looking to specialist support services to manage the increasingly complex roles required by network reliability and security. The focus must change from simple layers of perimeter protection and intrusion detection. These measures are becoming increasingly less effective as organizations increase their electronic transactions and communications. At the same time, network threats are evolving. Security must now focus on new and better methodologies aimed at protecting all network assets and operational systems.

Ultimately, security services will move towards the Holy Grail – monitoring and performing tasks automatically. However, in the meantime, these services require increasingly specialized configurations and on-going monitoring and management to be truly effective.

Increasing Network Threats

Statistics demonstrate that network threats are increasing in both frequency and severity. Attacks on network vulnerabilities now occur at such an alarming rate, with dynamic and changing profiles, that unless an organization has a dedicated emergency response team in place, 24 hours a day, seven days a week, it is unlikely to be prepared for most future network attacks. A few years ago, it took virus writers a year or more to develop and release an exploit after a software vendor revealed a vulnerability and released a patch. Now virus and worm attacks have demonstrated that this timeline has continually reduced. As this timeline continues to decrease, there is almost no time for any type of software regression testing or quality assurance before an organization has to implement a patch. We are now also dealing with the “zero-day attack”, in which an exploit is released before the vulnerability has been identified and a patch developed, tested and publicly released. It is exactly a situation like this that requires constant network monitoring. You also need the tools required to quickly lock down portions of your network in order to maintain primary system integrity and contain, control and eliminate the threat. While the network perimeter is still a vital part of any organization’s security hardware profile, new exploits are now able to find their way into networks through numerous other means. They are becoming adept at masquerading as HTTP data, which will bypass perimeter firewall policies.

Most firewalls these days are only about 30% effective, since they are behind the current threat levels that are hitting organisations daily and are allowing zero-day threat exploits through the firewall at port 80.

Computrad are proud to announce they now are the first Managed Security provider to have application aware perimeter firewalling stopping these next generation threats.

Viruses and worms are also dynamic in their signature profiles, and viruses now have “polymorphic” capabilities – every time they replicate, they are capable of changing their signature. This means that virus detection systems (VDS) and Intrusion Detection Systems (IDS) with a static rule set will fail to detect or restrict these types of viruses and worms. In order to defeat such attacks, being able to identify the threat quickly and isolate the infected hosts or network segments even more quickly is imperative to protect network assets and to provide continued system availability to uninfected users.

Network Perimeter Killers

Network administrators and security experts are also seeing a proliferation of devices that are becoming “network perimeter killers”, such as smartphones and PDAs that are often connected to network hosts. These devices, which also have their own wireless connectivity to different networks, are not adequately protected against many of the main network viruses and worms despite the fact that they can provide backdoor access into the primary network. We are seeing market adoption of Bluetooth dongles with a range of over one hundred meters being connected to USB ports without an IT administrator’s knowledge or authority. These devices can often open unknown back doors into the primary network if the default configuration is followed. Class 1 Bluetooth devices and improperly configured wireless networks are the most common illegal access points into networks at this time. Security experts are also seeing an increasing use of peer-to-peer (P2P) applications, which are specifically designed to circumvent traditional IT perimeter infrastructure. Many of these P2P applications offer paths into an organization’s network that can be exploited by the latest viruses and worms. If incorrectly configured, these P2P applications can also provide access to confidential data on the host or elsewhere in the network.

The spiraling threat of cyber attacks and the massive increase in vulnerabilities is resulting in increased costs. The result is that the growth of network security spending is outpacing overall IT expenditures. According to a recent study, security now ranks second as a target of incremental spending, second only to applications. CIOs expect to direct 13.7% of their new IT budgets to security [1]. Gartner estimates that total worldwide security spending will grow by 17.6% through 2009, while infrastructure investment, such as firewalls, anti-virus tools and intrusion detection systems, will increase at an even higher 22% compound annual growth rate. Overall IT spending is also growing, but at a considerably lower rate. There is a clear mapping between an organization’s technology goals and its principal information vulnerabilities. What they want makes them vulnerable.

People Problem

We are also seeing an emergence of threats and attacks from unexpected quarters. While external viruses and worms are still the most pervasive of network threats, one of the biggest vulnerabilities of all is still people. Despite extensive user education, a recent survey revealed that 78% of respondents had opened an e-mail attachment from an unknown or untrusted source in the last 12 months [3]. Respondents to the same survey reported that an astonishing 83% of all attacks originate internally, and include actions that range from internal sabotage to accidental mistakes. “External attacks gain more attention, but internal breaches, both criminal and accidental, are more frequent,” according to a major security auditor. Security is not a “nice to have.” Today it is an essential requirement. Advanced security technology is complex and can be costly. Most of all, proper security management requires a highly specialized and constantly evolving skill-set, something most IT organizations lack. They are discovering that managing their network security is not a core competency, and the cost of building an around-the-clock monitoring and response center is simply not justified.

Protection at a Reasonable Price

So just how does an organization afford the best possible protection at a reasonable price? The increasing scale, complexity and frequency of modern security and network threats, and the cost of developing and maintaining internal competencies to deal with them, are beyond the capacity or business focus of many organizations. In this context, a fast growing trend in cyber security – especially for smaller organizations – is turning over all or parts of this job to a managed security service provider. In a recent survey, 52% of respondents already use, or plan to use a managed security service within the next two years.

Another 18% intend to use these services in the longer term, while 20% are undecided. Only 10% stated that they did not intend to outsource their security services. The appeal to our end-customers is clear. They can enjoy all the benefits of a centrally managed security solution without the headaches of designing, implementing, managing and updating it.

Computrad can leverage economies of scale by maintaining a central team of security professionals who provide a range of specialized services to a broad range of customers. Many of these customers will have common requirements. These services offer your organization ready access to knowledgeable security professionals well-versed in security best practices; fast, trouble-free implementation of industry-standard security technologies and products; and highly specialized solutions custom tailored to your specific requirements. They enable you to substantially reduce security infrastructure investments while allowing your technical personnel to focus on core competencies and strategic business activities.

Why Managed Security?

Today’s organizations are increasingly recognizing the financial, operational and strategic benefits of partnering with a trusted managed services provider such as Computrad.

The main benefits fall into three categories:

  • Cost savings
  • Productivity gains
  • Focus on core competencies

Cost Savings

As many organizations have discovered, implementing advanced security safeguards and running a 24x7 emergency response team is not an inexpensive endeavor. The costs associated with retrofitting your existing infrastructure and acquiring and implementing security hardware and software can be substantial. Once your security program has been established, you face large and often increasing on-going ownership costs – including costs associated with equipment monitoring, maintenance, management, staff training and retraining, and support. In addition, the need to continuously refresh technology to keep pace with the latest advances, in many instances, makes equipment ownership cost-prohibitive. Computrad’s managed security services can help relieve these pressures. The Computrad managed security services model differs from traditional outsourcing in which the services provider typically retains ownership over all related equipment and infrastructure components needed for service delivery.

Computrad, as a managed security provider, maintains the operations center and remotely manages the customer premises equipment (CPE), but the customer’s organization owns the CPE.

Time Savings and Productivity Gains

In these times of reduced capital equipment budgets and pressure to have smaller and more focused staff, company managers are continually being asked to deliver more with fewer resources. They are feeling massive pressures to boost productivity while experiencing ever-narrowing timeframes in which to accomplish mission-critical business objectives. Security is a game of constant vigilance, and paranoia is rife, and rightly so. Huge time investments are required to identify security gaps, investigate security threats, and find and deploy effective security solutions. Attacks can come at any time and from anywhere. Security personnel need to be on alert 24x7, monitoring every point in the network and continuously checking for new vulnerabilities. Computrad can shorten solution deployment time. Computrad will also shoulder the burden of ongoing security management by reusing intellectual capital gained from previous engagements and re-deploying experienced personnel, as well as applying proven methodologies for implementing secure and scalable architectures. In addition, Computrad can implement high availability features, such as load balancing, fail-over or completely redundant architectures, that are sometimes too costly and time-consuming for our customers’ organizations to attempt on their own.

Focus on Core Business Operations

Most successful organizations continually ask, “What are our core business operations and goals?” Network management, and especially the security aspects of network management, is a specialized area that few organizations would consider to be a core business objective or an area in which they demonstrate superior expertise. Many organizations are now moving back to basics in their operational focus. They are attempting to take advantage of the efficiencies and cost-savings that can be realized from focusing on core competencies and enlisting help with more complex, specialized and costly tasks.

On the one hand, you recognize the growing need to protect organization-wide information assets, but you also know that security technologies and evolving threats are complex, the required skill sets are highly specialized, training is expensive and time-intensive, and employee retention is a constant problem.

In network security, even more so than in other operational functions, personnel must be selected for the high levels of expertise that they have developed. Developing security competence requires theoretical knowledge combined with extensive real-world experience. This level of skill is well beyond the scope of most end-user organizations. Since security is continuously evolving, with new threats, attacks and defense strategies appearing every day, staff personnel must be completely dedicated to this role. Few organizations have the resources to commit a dedicated in-house team of this caliber. Outsourcing all security related service and support activities to Computrad can be a very cost-effective way to meet the challenge of expending precious time and energy outside your core skills area.

High ROI Managed Security Services

Some of our managed security solutions that organizations today are finding the most valuable and cost-effective include:

  • Managed firewalls
  • Intrusion Detection Services
  • Anti-virus and content filtering
  • Centralized patch management and coordinated patch rollout
  • VPN services
  • Extended monitoring and reporting

Managed Firewalls

Network firewalls, specifically created in response to the demand for network security, have become the mechanism of choice across the e-business community. Firewalls assist in protecting the private network infrastructure from the wild and untrusted outside world while streamlining access to the public Internet and all its resources. As a result of the levels of security that firewalls provide, organizations are able to leverage the lower costs of Internet communication to implement a far cheaper alternative to traditional network solutions. Centrally managed firewall offerings help provide tight perimeter security. In these solutions the corporate Internet connection extends from your organization’s premises, through your managed services provider, and then to the outside world. Additionally, firewalls support the assurances you need to feel comfortable offering selected access to potentially sensitive or mission-critical information to public or semi-public audiences. Database-enabled web services have become the mainstay for running e-commerce applications on the Internet, and public access to these databases is protected by firewalls.

Intrusion Prevention Services

Intrusion prevention is another service that is ideally located at the perimeter of your network.

An Intrusion Prevention System (IPS) will take automatic action to shut down attacks against your systems. Managed IPS maintenance and management allows you to avoid staffing concerns, such as the need for 24x7 monitoring by operators with specialized training and expertise.

In addition, managed service providers gain experience with threat detection and analysis in multiple customer networks, increasing their value to you as informed providers of this vital functionality. A centrally managed IPS monitored 24x7 provides you with a very high degree of protection against the dynamic threats facing modern networks. Being able to quickly lock down segments of your network that may come under specific attack will allow other vital network functions to continue to operate – even under a sustained denial of service or virus attack.

Anti-Virus & Content Filtering

Certain managed service functions can be efficiently performed at the Internet gateway. Two of these are becoming increasingly popular: anti-virus (for example, scanning inbound and outbound e-mail messages for malicious code) and content filtering (blocking access to specific non-business-related websites or websites with inappropriate content, or preventing e-mail messages from identified “unfriendly” sources from reaching your network). Locating these functions on gateway appliances such as firewalls gives you and your service provider a single focal point for updates, reporting, and ongoing management and maintenance. The effectiveness of these services is directly proportional to the frequency of updates. Centralizing such resources makes tracking and performance updates much less complicated – this decreases the potential for intrusion due to outdated code and signatures. As previously discussed, we are also seeing a move by the virus writers towards polymorphic malicious code. This is malicious code that is capable of changing its signature and profile every time it replicates. A centrally managed solution, from an organization that has access to the latest virus threat dynamic profiles, provides you with significantly increased protection compared to what you could accomplish on your own, no matter how current you were with anti-virus software signature updates.

Centralized Patch Management & Coordinated Patch Rollouts

With system vulnerabilities being reported at ever increasing rates, the complex task of rolling out patches in the multi-vendor network environment is becoming a huge management issue. With published exploits often specifically targeting network appliances, the need to implement a coordinated patch rollout strategy – in the best order to maximize your protection – is essential. As discussed previously, exploits are now attacking network components and hosts at ever increasing speeds. This means that patches have to be deployed very quickly, often leaving no time for quality assurance or regression testing before you must roll out a patch to protect your network or specific network appliances. A coordinated patch management rollout strategy – effectively controlled by your managed security services provider – gives you peace of mind that the patch being deployed has both been tested and is being implemented in a “best order” rollout strategy for your multi-vendor, multi-technology network.

VPN Services

Virtual Private Network (VPN) services let you cost-effectively extend your organizational network by helping provide secure access and site-to-site and extranet connections with strong end-to-end encryption. These services are typically offered in two varieties: remote-user VPN for traveling or telecommuting employees; and office-to-office VPN for decreasing recurrent communication costs (as opposed to dedicated circuits). VPN capabilities allow you to rapidly expand your infrastructure to meet critical requirements without having to wait weeks or months to add new sites to your network. VPNs also help you maintain private IP address space by allowing “illegal” addresses to be passed across the public networks by “tunneling” through a “legal” packet.

Extended Monitoring & Reporting

Organizations are finding it prohibitively expensive to use internal staff to perform round-the-clock monitoring. It is far more cost-effective to pay for 24x7 network and system monitoring by a managed service provider that can spread the costs over multiple customers, allowing your employees to focus on core competencies and strategic initiatives. This offloads security monitoring of your network to your managed service provider’s premises and personnel. Networks need to be scanned regularly for network perimeter killers. Various USB devices – Bluetooth, WiFi, Flash Memory, PDAs and Smartphones – facilitate the potential for internal attacks on your network infrastructure. These attacks may occur accidentally or they may be malicious in nature. But either way, the value in being able to regularly scan your networks for potentially threatening devices attached via external network host ports cannot be overstated. “Write-once, read-never” logging is still alive and well. Your organization may be maintaining huge corporate data warehouses full of log files that are never reviewed by actual people. Computrad can help do away with this dead storage by delivering regularly scheduled, summarized data on network utilization, intrusion attempts and other security related events in a clear, concise format.

Outsourcing Security: Protection Without the Headaches

Overall, teaming up with Computrad as your Managed Security Service Provider to handle security provides a flexible network security management solution that can offer a quicker and better response to security events, lower operational costs, and on-going expert support. This approach has been demonstrated to provide companies with a potential overall return on investment with cost reductions of up to 30 percent. Managed security services delivered by Computrad’s CMSS will allow you to enjoy the benefits of top notch security protection without the headaches involved in implementing, maintaining, and tracking security products and policies through their entire lifecycle. Done properly, a managed security solution can transform your business for the better and add value to your everyday operations.

(703) 286 0940
sales@computradusa.com
1616 Anderson Road
McLean,
Virginia. 22102,
USA

 

